<br><div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">> Include the links to user/password link (Request new password) in the mail.<br>
> Create a user/remind_password link to have that in the mail instead.<br>> Just send the unencrypted password to the use.<br>><br>Actually I have a client who knows his users so well, that he asked me<br>to clear-text all the passwords...
</blockquote><div><br><br>Ouch. Let's not go there. That opens up too many very signficant security holes. I hope for your clients' sake that the passwords used are auto-generated and unique to that system.<br><br>
But if someone has done something similar, =with= encryption/decryption and auto-expiry, I'd love to talk with you.<br><br>ari<br><br></div></div>