From 8a18b2c351475986065c6c607cff0f25633e6e14 Mon Sep 17 00:00:00 2001
From: e0d <ed@edx.org>
Date: Thu, 14 Jul 2016 08:09:51 -0400
Subject: [PATCH] use random rather than unusable so they can be reset

---
 .../djangoapps/student/management/commands/manage_user.py  | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/common/djangoapps/student/management/commands/manage_user.py b/common/djangoapps/student/management/commands/manage_user.py
index fed69c7771..dcfdf79af4 100644
--- a/common/djangoapps/student/management/commands/manage_user.py
+++ b/common/djangoapps/student/management/commands/manage_user.py
@@ -4,7 +4,7 @@ Django users, set/unset permission bits, and associate groups by name.
 """
 
 from django.contrib.auth import get_user_model
-from django.contrib.auth.models import Group
+from django.contrib.auth.models import Group, BaseUserManager
 from django.core.management.base import BaseCommand, CommandError
 from django.db import transaction
 from django.utils.translation import gettext as _
@@ -81,7 +81,10 @@ class Command(BaseCommand):
         )
 
         if created:
-            user.set_unusable_password()
+            # Set the password to a random, unknown, but usable password
+            # allowing self-service password resetting.  Cases where unusable
+            # passwords are required, should be explicit, and will be handled below.
+            user.set_password(BaseUserManager().make_random_password(25))
             self.stderr.write(_('Created new user: "{}"').format(user))
         else:
             # NOTE, we will not update the email address of an existing user.