Problem is there is no conditional validation, this is why backend form is meant for admins and frontend for users to edit their own profile.
But you can work around it - create second set of password fields (there are 2) with the same storages, then set validation on the second instance as it is done in admin form. Then put usergroup restriction on the fields, set for the first set to admin usergroup and Invert to yes (so that fields will only show when user is not admin), for second set do the same, just set Invert to No. This way non-admin will get fields with required validation and admins without it.