I disagree that the new method of emailing a link that allows the user to get in with a new password is in any way hackable or insecure. It's very much more secure than having open, human readable passwords.
The users have a way to assign themselves a new password should they forget it, without even having to ask you for their password, so the need to breach security and give them a plain text password is not required to meet your end goal - only to meet the process you have chosen to use to hand out lost passwords.
I'm not sold. Any other reason?
-tim
|