There are some cases where the password gets messed up in transfer. Ideally the same password is passed to DirectAdmin, but if it does not comply with DA requirement (both uppercase, lowercase and numbers) it is not passed from SSO login to DA. Also during some testing we noticed that some special chars didn't get passed either.
However, we didn't dig into it too deeply at that point as a new backed should have been launched by now according to initial plans, unforeseen delays plus a few bugs popping up during final testing has delayed it, last estimate is end of month.
What I can recommend right now, as changing the password right on DA server may only work temporarily (until you login to SSO page), is to use the forgot password option tied to the SSO login and update to a password that is upper- and lowercase plus at least one number, as for special chars might be good to avoid those right now, although at least - would work.
Then when you login with the new password that would be transferred down to the server as well, and enabling the same password for ftp as well.