hashed password stored in database even when LDAP authentication is used

When logging in via LDAP for the first time, a hashed version of the user's password is stored in the database. This is not required and should be avoided, to minimise the risk of leaking sensitive data.