Comment 16 for bug 1391116

Discussion in the OSC meeting clarified this for me, consensus is that OSC should handle empty passwords for auth and not place any restrictions or validation when setting the password.