I think in this case the behavior is that the initial generation of the password is random, but subsequently it is, shall we say, "trivially deterministic": it (intentionally) always spits out a cached copy of the initial randomly generated password.

I think security implications here would mostly apply to cases where you wanted to create multiple accounts on the same website within a short period.