Self-service Password Change: support the state of not having a password if passwords are enabled

[reivilibre]

On the Account Management page: We probably want to add has_password or something to the User node in GraphQL — or maybe something a bit more carefully designed[^1] — so we can show

On the password change page: We presumably want to allow setting a password if you don't already have one(?), but this flow doesn't exist right now...

[^1]: e.g. we might want to expose the password version, or the time it was last updated, etc

This issue really only matters when we support instances with both SSO and/or passwords in a hybrid setup.

[matrixbot]

For your information, this issue has been copied over to the Element fork of matrix-authentication-service: https://github.com/element-hq/matrix-authentication-service/issues/2862