you should first duplicate the field.
since the password field is named "newpass", this duplicate should be named "newpass2".
Then you should have in the other page a code like this
{.if|{.{.postvar|newpass.} = {.postvar|newpass2.}.}
|{:{.set account|%user%|password={.postvar|newpass.}.}:}
|the two passwords don't match, retry
/if.}
Please, notice i changed {.postvar|name.} with %user% here, because the version posted by SP is very dangerous. Any skilled user can remove the "readonly" thing and change the passwords of other accounts. Using "firebug" plugin (for firefox) is very easy.
finally and optionally, you may use a javascript code that will prevent submitting if the two passwords are different.
this can be done by adding to the submit button this value
onclick="if (document.newpass.value != document.newpass2.value) { alert('Error, please retype your passwords'); return false; }"
(this code is untested, may require some fixing)