This question has been answered by BobRay. See the first response.
$user->_setRaw('password', $value);
Try this:
$user->_setRaw('password', $value);
You may have to mess around with the salt to get it to validate correctly. Worst case, you can use a plugin to bypass the normal validation and validate the user yourself.