I haven't done a migration from 2K to 2K5, so I'm speculating: perhaps the 2K5 server security policy will not accept a NULL password.
Just to get the accounts transferred, you could add a SET line with a generic password, and replace the NULL in the sp_addlogin line. At least all would then have passwords.
Or, since sp_addlogin is on the way out after SQL2K5, you could generate CREATE LOGIN statements instead, and use the CHECK_POLICY option to turn off security settings. But that would leave you with those NULL passwords, and part of the exercise ought to be to eradicate them. If your users are unwilling, you can always sell it as improved security from the new version
Edit - I say "all", but I see it is only 2 users; still, the principle applies