You can authenticate against other sources. For example, I have some customers authenticating against Office 365 (in fact, that is what our company does), because that is what they use for their email, and it is easy for users to use their email address and password for as many systems as possible.
You can authenticate against Google as well (I haven't done that yet). It probably supports SAML.
Unfortunately, there is no way to automate password creation with the current product using the API or otherwise.
The original intention of the user import wasn't as a replacement for integration with identity stores such as Active Directory, where 100s or 1000s of users would be synchronized with SM. The original purpose was to solve creation of small sets of users.
That said, clearly folks in this thread are part of that group of users that do indeed want to use the user import as a way of managing 100s or 1000s of users. So, this thread has prompted us to think about how might improve this in the future. The most obvious improvement, to me at least, would not be a feature to set passwords but rather allow users to do a password reset on their own.
I can't offer up any short term fixes for this, other than offering help if indeed there as a store of user credentials in Google, AD, Azure, or some OAuth capable system.
"iOS devices enrolling through DEP currently do not support enrolling with Azure AD, OpenID, and Google Oauth enrollment authentication. They will fall back to Meraki managed authentication and require Meraki owner accounts to authenticate if your Systems Manager network is configured with one of these methods. Note that these three methods will also not provide any group tag metadata like local Active Directory integration will."