Disable customer password input field in Magento admin

You can rewrite the Mage_Adminhtml_Block_Customer_Edit_Renderer_Newpass block and in your new block make the render method look like this:

public function render(Varien_Data_Form_Element_Abstract $element)
{
 $html = '<tr>';
 $html .= '<td class="label">&nbsp;</td>';
 $html .= '<td class="value"><input type="checkbox" id="account-send-pass" name="'
 . $element->getName()
 . '" value="auto" />&nbsp;';
 $html .= '<label for="account-send-pass">'
 . Mage::helper('customer')->__('Send Auto-Generated Password')
 . '</label></td>';
 $html .= '</tr>'."\n";
 return $html;
}

If you want to disable the feature for security reasons, you should not only hide the inputs, but also make sure that admin users cannot change the passwords, even if they fiddle with the form or the request.

Let's have a look at Mage_Adminhtml_CustomerController::saveAction()

if (!empty($data['account']['new_password'])) {
 $newPassword = $data['account']['new_password'];
 if ($newPassword == 'auto') {
 $newPassword = $customer->generatePassword();
 }
 $customer->changePassword($newPassword);
 $customer->sendPasswordReminderEmail();
}

Here we want $data['account']['new_password'] to always be "auto", independent from the POST request.

So you should write an observer for controller_action_predispatch_admin_customer_save and manipulate the request:

$account = $observer->getControllerAction()->getRequest()->getPost('account');
if (!empty($account['new_password']))
 $account['new_password'] = 'auto';
 $observer->getControllerAction()->getRequest()->setPost('account', $account);
}

To hide the fields you can use Marius' solution or simply hide them with CSS that you can add to app/design/adminhtml/default/default/custom.css (create the file if it does not exist):

#_accountpassword_fieldset tr:first-child,
#_accountpassword_fieldset tr:nth-child(2) {
 display:none;
}

• admin
• magento-enterprise
• security
• customer-account
• password