This is a problem I've seen a few times, and it may be to a lack of understanding on my part, but it seems as if its nearly an oversight.

If ever you want to edit the password attribute outside of the default registration and password reset controllers (or traits rather), the most efficient way seems to be using the setPasswordAttribute function in the User model. Since this method works so well, why not always have that instead of having the password hashed in several different places?

I was working on a custom form and had a confusing problem of the password not working. It turns out it was being hashed by the default controller and the setPasswordAttribute function. So, if I ever want to use this function it seems I need to edit the ResetsPasswords trait as well as the registration to not hash it, and allow the User model to handle it.

As I've said, I'm sure I overlooked something, but would love to hear all of your thoughts on this.