Originally Posted by neversay
I would not see any other way of sending new pass to member which is cost effective.
The main problem, is after the member SETS their password, an email is sent to them with it in plain text. They already know the password. If they forget the password, there should be a secret question that they set when they signed up that they can use to reset the password and allow them in. Then they can reset their password at the site.
One other thing - logins are not in https (secure site)
bad form, but what else is new?