It is better to reset it and then email it to user. You need use UserSid.SetPassword function

Thanks - as suspected. I got help to do it via the back door - but I wanted to know if it was possible through the front door :)

As of EPiServer 4.41 passwords for extranet users are stored cryptographically hashed in the database. This means that the password cannot be retrieved in its original form; passwords can only be changed or compared with credentials entered by the user. Together with the hash value, a per user generated salt value is used to season passwords, in affect enhancing the protection by, for example, ensuring that users with identical passwords get different hash values. This feature is enabled by default on all new installations but not on upgrades. Even though the EPiServer API is fully backward compatible, there may be other reasons for not wanting to enable this: • You have custom functionality that for some reason reads the password directly from the database. This approach is not recommended by ElektroPost. • You have an upgraded EPiServer 3 site that is using extranet users with EPiSec. EPiSec is not compatible with hashed passwords. http://www.episerver.com/en/EPiServer_Knowledge_Center/Support/FAQ_EPiServer_4/1010/3276/

Even I am facing a similar problem. I am not able to compare/validate the user typed password in the login screen against the extranet user's password using UserSid.Password property.