Possible to create an account and then not be able to log in

[crccheck]

To recreate:

1. successfully sign up for an account
2. log out before setting a password

Possible solutions:

1. disable the log out button (doesn't really solve the problem, there are other ways the password setting process can get interrupted)
2. allow a "reauth" action
3. set a blank password, allow a blank password in the log in form, coerce user to set a stronger password on the next log in.