What you *can* do is e-mail the user with a link to reactivate his password, possibly requesting that he gives the right reply to a secret question. It's a good compromise between ease and security.
On Fri, May 6, 2011 at 2:01 PM, DrBloodmoney <drbloodmo...@gmail.com> wrote: > On Fri, May 6, 2011 at 12:36 AM, Phui-Hock <phuih...@gmail.com> wrote: > > On May 6, 4:22 am, Shawn Milochik <sh...@milochik.com> wrote: > >> This is a bad idea for multiple reasons. Don't do it. > > > > Huh, care to explain, please? > > Please Please Please do not send plain text passwords via email. Please. > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To post to this group, send email to django-users@googlegroups.com. > To unsubscribe from this group, send email to > django-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/django-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
