we run a blog for AD users managed within our company and external parties managed manually.
AD users shall never update their password as it shall stay in sync with AD.
External users are managed by admin and password may either not be updated or only by the admin.
Problem is that the passwords are hidden for all as soon as you enable local passwords. When you disable, even the admin cannot see the field and a created user within WP is never able to log in, as of NO PASSWORD.
1) Distingueish between AD and local users
2) Enable password field for LOCAL users for admins ALWAYS
3) Enable password field for LOCAL users only by a new configuration option