How would a user set a new password if they’ve forgetten their password and the answer to their challenge question? I agree with the intent of @sunbiz’s comment on why we shouldn’t allow an admin to set a password; however, until we have support for emailing temporary password reset links and/or two-factor authentication support, I don’t see any other option. I would expect password resets to be a common need for any admin.
Since there is a workaround (using the legacy UI), I don’t think this needs to block the release of Reference Application 2.3. But it would be an important feature request for the new Admin UI module.