As John said, player changing password on a server is done using the
password command.  Admin changes use ntpasswd command.

I'm not too worried about changing passwords as a server admin, since
the only thing I'm protecting is reputation and stats.

If you haven't already done it, please add a few points about the
password security:

1.  it is sent in the clear over the network connection, easily
observed using wireshark or some other tool,

2.  it is stored in the Netrek server player database using a one-way
cryptographic transformation,

3.  it may appear in server logs, depending on how the server
administrator has configured the debugging features,

4.  it will appear in game logs or server recordings if the password
command is used,

Given that the password is only intended to protect re-use of your stats
on a server, we consider the impact low.  Players should avoid using a
password that has any other meaning or use for them.

-- 
James Cameron    mailto:quozl at us.netrek.org     http://quozl.netrek.org/