Good news Till now you have to change admin password at multiple location if you are using CQ5.4, see here
From CQ5.5 onward you just have to change admin password once. There are multiple ways though,
1) Using CRX explorer (Old way)
2) Using granite http://host:port/libs/granite/security/content/admin.html#edit:/home/users/a/admin
3) using curl command
curl -u admin:OLD_PWD -F rep:password="NEW_PWD" http://host:port/home/users/a/admin.rw.html
You can also use security API for do user related task, Something like this
curl -d "createUser=true&authorizableId=$userId&rep:password=pw&membership=administrators" -u "admin:admin" http://host:port/libs/granite/security/post/authorizables
(There is set of operation you can do using this, JAVA DOC coming soon)
For any other user other than admin you can use CURL to change password as
curl rep:password="test" --user admin:ADMIN_PASSWORD http://host:email@example.com
You still have to use CURL command to change replication agent password mention here
Above curl command does not work for CQ 5.6 instead use this command to change admin password
BELOW DOES NOT WORK IN CQ5.6 thats why have strike. Looking in to this.
Note For all cases you need current admin password to perform operation. As always please test it before use.
Thanks Alex from Adobe for Helping.