Account created on 14 December 2006, about 18 years ago
Recent comments

🇬🇧United Kingdom kingandy

Restoring the former task title and category/status.

🇬🇧United Kingdom kingandy

@dpi, I believe the primary reason for removing the password token is that it is bad security practice to display or transmit a user's password in any form. We can argue about what methods of data transfer are and are not safe, but at the end of the day the only 100% guaranteed secure decision is to simply not expose it, and that's the decision the Drupal team have made.

On a technical level (AIUI) it is no longer possible to extract a user's password for display, as the login system has been moved over to a one-way encryption algorithm - the system itself can't decrypt a stored password. (There's really no need to, even at login - instead it encrypts the entered password using the same algorithm and compares it with the stored one.) So that is a pretty big barrier to making such a token generally available even if you wanted to, which, as noted, is a super bad idea.

The RPT module does a very specific job of making the token available in registration emails, which it's only able to do because the password has not yet been encrypted at that point (the form submission is still available). Adding a password token to the system does not look like a practical or desirable option at this time.
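
The hash-and-compare login and the registration-only window described in the comment above, as an added Python sketch that is not part of the original comment and is not Drupal or RPT module code. PBKDF2-SHA256, the iteration count, the record layout and the token names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor for this sketch


def hash_password(password, salt=None):
    """Build the stored record: salt and digest only, never the password."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt.hex(), "iterations": ITERATIONS, "hash": digest.hex()}


def verify_password(record, candidate):
    """Login: re-hash the entered password with the stored salt, then compare."""
    digest = hashlib.pbkdf2_hmac(
        "sha256", candidate.encode(),
        bytes.fromhex(record["salt"]), record["iterations"],
    )
    return hmac.compare_digest(digest.hex(), record["hash"])


def register(form, accounts):
    """Registration: the plaintext exists only in the submitted form."""
    accounts[form["name"]] = hash_password(form["pass"])
    return resolvable_tokens(accounts, form["name"], form=form)


def resolvable_tokens(accounts, name, form=None):
    """Return the (hypothetical) token names that can be filled in right now."""
    tokens = {"user:name"} if name in accounts else set()
    # A password token needs the plaintext, which only a live form submission
    # carries; the stored record cannot be turned back into it.
    if form is not None and "pass" in form:
        tokens.add("user:password")
    return tokens


if __name__ == "__main__":
    accounts = {}
    form = {"name": "alice", "pass": "correct horse"}  # constructed sample input
    print("at registration:", sorted(register(form, accounts)))
    print("stored record:  ", accounts["alice"])
    print("login ok:       ", verify_password(accounts["alice"], "correct horse"))
    print("later mail:     ", sorted(resolvable_tokens(accounts, "alice")))
```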