Set no_log to true if a password is defined.

tasks/main.yml

@@ -58,7 +58,7 @@
         remove: "{{ item.remove_data | default(false) }}"
         force: true
       loop: '{{ users_system_users }}'
-      no_log: false
+      no_log: "{% if item.password is defined %}true{% else %}false{% endif %}"
 
     - name: Ensure that the users can login with their ssh keys
       ansible.posix.authorized_key:
@@ -100,7 +100,7 @@
         remove: "{{ item.remove_data | default(false) }}"
         force: true
       loop: '{{ users_system_users_adjunct }}'
-      no_log: false
+      no_log: "{% if item.password is defined %}true{% else %}false{% endif %}"
 
     - name: Ensure that the additional users can login with their ssh keys
       ansible.posix.authorized_key: