Actually, we can retain the current password by " alter user identified by values ' xxxx' " , while changing the status from expired to open. In 11g, the hashed password can be found in SYS.USER$.
Ref:
http://stackoverflow.com/questions/1766445/oracle-how-to-set-user-password-unexpire