Based on your description, it sounds like you are using moderated registration (users must be approved). There are two possibilities when using this option:
1. users are emailed a random password when approved (the default plugin configuration).
2. users choose a password at registration.
If all users cannot login after they have been approved, it is likely you have something configured incorrectly.
If you are set up as #1 above, the valid password for the user will be set when they are approved. So if you create the user on the backend and give them a password during that process, that password will no longer be valid after the user is approved. If you have the email set to send a password when they register rather than when they are approved, that password will not be valid once they are approved. So make sure they are receiving the password in the “user is approved” email.
If you are set up as #2 above, first make sure that the password field was created with the option name “password”. Second, if the password is emailed to the user, it MUST be emailed in the first email (when the user registers). If you send it in the “user is approved” email, they will not receive a valid password because at that point the password is encrypted and the plain text version is unavailable to the plugin at that time.
There is more information on this in the User Guide under “Registration” (specifically “Choosing Fields” and “Moderating Registration”).
