I'd think you could borrrow some code from the invite module and put something like this together rather quickly using auto-generated un-guessable tokens with expiry dates.<br><br><div><span class="gmail_quote">On 4/30/07,
<b class="gmail_sendername">Ari Davidow</b> <<a href="mailto:aridavidow@gmail.com">aridavidow@gmail.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br><div><span class="q"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">> Include the links to user/password link (Request new password) in the mail.
<br>
> Create a user/remind_password link to have that in the mail instead.<br>> Just send the unencrypted password to the use.<br>><br>Actually I have a client who knows his users so well, that he asked me<br>to clear-text all the passwords...
</blockquote></span><div><br><br>Ouch. Let's not go there. That opens up too many very signficant security holes. I hope for your clients' sake that the passwords used are auto-generated and unique to that system.
<br><br>
But if someone has done something similar, =with= encryption/decryption and auto-expiry, I'd love to talk with you.<br><br>ari<br><br></div></div>
<br>--<br>[ Drupal support list | <a onclick="return top.js.OpenExtLink(window,event,this)" href="http://lists.drupal.org/" target="_blank">http://lists.drupal.org/</a> ]<br></blockquote></div><br>