Re-evaluate auto-generated passwords in user import

[andreyv]

CMS now uses bcrypt hashing by default, so the generated passwords cannot be viewed later.