As of version 1.2.0, Mumble supports strong encryption and authentication based on certificates instead of passwords. There are now three authentication scenarios in Mumble:
Password Set, No Certificate in Client
If a user's account is created using an external administration program with a password set, and they have not created a certificate in their client, then Mumble will pretty much just authenticate as with 1.1.x and earlier. The password is not saved, and must be entered every time you connect.
As of 1.2.1, Mumble will always automatically generate a certificate, even if you terminate the certificate wizard - so this scenario is increasingly unlikely.
There's still no way to set a password for an account other than SuperUser from Mumble or Murmur itself - you'll need an administration package to do that. If you don't have one, the next scenario is much more likely.
No Password Set, Certificate in Client
If a client is registered to a user name by another user (or themselves, if privileges allow) from inside the Mumble client (by right-clicking on the user, or themselves, and clicking "Register"), the account is created with no password, but the certificate is connected to that account, and only a user with that certificate will be able to connect as that user.
Password Set, Certificate in Client
If your client has a certificate in it, and you log into an account that has a password on it for the first time, then you will be prompted for a password. Once the correct password is entered, the certificate is attached to that account on the server - any user connecting from that same client certificate will not need a password from that point on.
Replacing Lost or Expired Certificates
As stated in the last scenario, if you replace your certificate for some reason then the certificates will not match. If you have a strong certificate (signed by a trusted certificate provider, such as StartSSL) and the email address matches the old one, then the certificate will be updated without a password being required.
If you have another certificate generated by Mumble, then you'll need the password to the account to update your certificate on the server. For this reason, if you're not using account passwords (say, you have no administration package installed), you'll want to make sure you back up your certificate and key and keep them in a safe place.
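The rules above can be traced with a small model, added here as an example; it is not Murmur's code. The class and function names, the result strings, the SHA-256 digest and the sample certificates are all assumptions made for illustration. It shows which combinations of password and certificate still let a user in after the certificate changes, and which leave the account with no recovery path.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

@dataclass
class Cert:  # constructed stand-in for a client certificate
    der: bytes               # certificate bytes (sample values are made up)
    email: str = ""
    ca_signed: bool = False  # "strong": signed by a trusted certificate provider

    def digest(self) -> str:  # digest algorithm is an assumption of this model
        return hashlib.sha256(self.der).hexdigest()

@dataclass
class Account:
    name: str
    password: Optional[str] = None     # plaintext only because this is a model
    cert_digest: Optional[str] = None
    cert_email: str = ""

def attach(acct: Account, cert: Cert) -> None:
    acct.cert_digest, acct.cert_email = cert.digest(), cert.email

def register(name: str, cert: Cert) -> Account:
    """In-client "Register": no password, certificate bound to the account."""
    acct = Account(name)
    attach(acct, cert)
    return acct

def connect(acct: Account, cert: Optional[Cert], password: Optional[str] = None) -> str:
    if cert and cert.digest() == acct.cert_digest:
        return "ok:certificate"                 # known certificate, no password
    if (cert and cert.ca_signed and acct.cert_digest
            and cert.email and cert.email == acct.cert_email):
        attach(acct, cert)                      # strong replacement, same email
        return "ok:certificate-updated"
    if acct.password is None:
        return "denied:no-recovery-path"        # nothing left to prove identity with
    if password is None or not hmac.compare_digest(password.encode(), acct.password.encode()):
        return "denied:password-required"
    if cert:
        attach(acct, cert)                      # later logins skip the password
        return "ok:password-certificate-attached"
    return "ok:password"                        # 1.1.x-style login, nothing saved
```

An account registered from inside the client and then presented with a fresh Mumble-generated certificate ends in `denied:no-recovery-path`, which is the case the backup advice guards against.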
Getting a Strong Certificate from StartSSL
You can use a strong certificate with Mumble if you have one - most of them are paid, but StartSSL offers free certificates. Simply visit the StartSSL website, click the little key up in the right-hand side and it'll walk you through the process of creating one and importing it into your browser. If you're using Firefox, you can then export the key by going to Tools > Options > Advanced > Encryption and then clicking "View Certificates". Pick your new certificate and click "Backup", then save it somewhere Mumble can access it.
Then repeat the Mumble Certificate Wizard, import your new certificate and connect to the server.