Shooting from the hip here: IMO, there are 4 primary steps to registration: a) Verify b) Register c) Moderate d) Complete The current default implementation: b, a, b, c, d. Proposed implementation: a, b, c, d. In other words, all that I am proposing is that registration involve verification as a discrete first step (rather than the present hybrid version). All other permutations and combinations currently possible will remain so, as outlined below. Admin approval: a) Verify e-mail. b) Registration : User created. c) Moderation: tell user to await approval e-mail. d) Complete registration. The above will also ensure that admins only moderate verified users, which, I believe, is not the case currently. Restricted mode: b) Registration (with e-mail field): User created. c) Moderation: user is in restricted role. E-mail verification will complete registration. a) Verify e-mail. d) Complete registration. No approval required: b) Registration: User created. d) Complete registration process. ----- Step b) - registration will just be the default user edit form. There will be (by default) no question of auto-generated passwords and the like. The widest net is "prior e-mail verification" and this is an attempt at streamlining this process. There is no question of this becoming the only implementation.. just the default one. Logintoboggan etc. will still be around. Cheers, -K