So, I was making a custom user model, and to be able to change the password using the admin page I did this on the UserAdminChangeForm, is it wrong? I mean dealing with the security.
password = ReadOnlyPasswordHashField( label=_("Password"), help_text=_( "Raw passwords are not stored, so there is no way to see this " "user’s password, but you can change the password using " '<a href="../password">this form</a>.' ), )
if a superuser wants to change the password of other users using the admin panel they can use this endpoint: /admin/auth/user/123/password/, where 123 is the user's id.