TonyF, if you have left the password blank then it should not ask the user for a password. The option you have when setting password are: User must change password at next logon, User cannot change password, Password expires or Account is disabled.
With all these options there are other settings that can be applied under Security. If for instance you go into Local Security Setting, you should see under Account Policy a Password Policy, options were you can give a minumum or maximum age to the password and so on. If you go into any of these Security Setting make sure you write down which one you are in and what you have changed for future reference as there are several layers of Security Settings within 2K server.