<b>New Password</b><?= Html::input('text','password1','', $options=['class'=>'form-control', 'maxlength'=>10, 'style'=>'width:350px']) ?>Passwords may only use characters A-Z a-z 0-9
The normal way to do this is to use a ViewModel, that is a model that inherits yii\base\Model rather than yii\db\ActiveRecord. In the ViewModel, you have a property for both passwords and then inside that model, on save, you check that they match and save them into the User model, which is linked to the database.
You can have validation in the ViewModel (using normal validators like ‘match’ validator) and you can also set property labels so this is a neater and more correct way tp achieve this.
There are examples of these types on models in the advanced template (and the ContactForm is another basic example).