Couldn't they then use a random password for the setup process and switch to the selected one when app and the router have connected? I'm pretty sure both android and iOS have APIs for apps to connect to wifi networks.
I'm just trying to ask: What is the scenario where the best (in both security and user-friendliness) solution is to send the wifi password in plaintext?
That API was introduced in Android 10. That's currently supported by only around 60% of Android devices globally and that number would have been lower when they decided how to implement this project.
My phone did have that API, and I subjectively still found the experience janky. But that's just my opinion.
I'm just trying to ask: What is the scenario where the best (in both security and user-friendliness) solution is to send the wifi password in plaintext?