Some account I have, I log in using Google (or Microsoft or another-federated-system).  I don't require a password but at the same time, I need a way to remember which system I registered with (Google or Microsoft for example) when presented with a number of ways to log in.  
I've added an entry to my vault for the website with "(Google)" at the end so I know I should use the Google button to log into that site, but the security check considers this a "missing password" as it doesn't know that I've intentionally not using a password.

Can the "edit password" page offer the option to either include a checkbox that states that you are registered with the site with a federated login?  Better still - offer a drop down with some of the main options so I can explicitly record which method (or methods) my account is associated with.
The securty check should not then consider a missing password a weakness in these cases.