It looks like Drupal automatically stores a hash of the password when an account is created. Since we're using LDAP, we don't need this hash stored with drupal. My (limited) testing says the stored password isn't used at all, so it shouldn't be too bad to remove.
Status: NEW → RESOLVED
Last Resolved: 10 years ago
Resolution: --- → FIXED
For the record, the password field is populated because drupal doesn't like it when it's empty, but it's just an md5 of a random number.
You need to log in before you can comment on or make changes to this bug.