You generate a random password from the set of inputs that the system allows, usually printable ASCII characters. So instead of a non-gibberish password like "correcthorsebatterystaple" you end up with a gibberish password like "]'gf2~B;](0EnxW>/n%+b*q4{".
> I'm pretty sure they haven't addressed the old issue of
> having keeping your FTP credentials in plain text.
Would you complain if it were an API key that was provided to you in plain text?
You're addressing a different issue; at-fates-hands was addressing the issue of "keeping your FTP credentials in plain text" whereas you are discussing that plain FTP is an insecure protocol (a point I fully agree with). The site does say:
"The Azure dashboard doesn’t seem to give easy access to your FTP
credentials, and they are not the login and password you use everywhere else."
Likely the difficulty of finding FTP credentials is because FTP isn't the preferred method of publishing your site.
