I have a site that allows potential users to register. By default they are blocked and need to be set to active by the administrator. This cannot be done without resetting the password. What is the standard procedure for this. I note that drupal creates a default password that is sent out when no approval is required.
Is it the usual practice for the administrator to create a new password at the time an account is activated?