show_password_field() checking in edit_user()

We use wpCAS 1.05 and WordPress 2.7. We’ve noticed that users cannot modify their own profiles though. wpCAS hides the password fields in the profile since the password is ignored for authentication anyway, and pre-fills they with a “random” string. But wp-admin/user-edit.php clears the first password field upon loading.

So for a user changing their own profile settings, they will get errors that the passwords don’t match, and pass1 is empty. Should wp-admin/uesr-edit.php not clear the first password field? Should the password checking portion of edit_user() in wp-admin/includes/user.php use show_password_field()? Is there a better way for wpCAS to do what it needs to do?