Password are not usually stored in a separate table, they are usually just a column in the users table.

What you do is make a view that does not include the password column, and give them access to the view, but not the table.