I Hope that the official can achieve the root account to change the password in version 1.1 GA AND in --insecure mode
root user is only allowed to use certificate-based authentication. If you require password-based authentication for tools used in your application, create a non-root user for this purpose.
We do not support any authentication in insecure mode because our inter-node communication only supports certificate-based authentication. Allowing password-based authentication in insecure mode would just be a false sense of security because anyone could get node-level access on the internal interface.