I would have thought a domain registry wouldn't do something so egregiously stupid.<p>Oh, wait, a domain registry seems like <i>exactly</i> the sort of org that would do something so egregiously stupid. :-(
Are you absolutely certain that it's not just bad phrasing? Perhaps they're generating a new password, and mailing you that one.<p>(I'm not a nic.io customer, and I don't want to bother registering, so I can't check.)