6 Sep
2012
6 Sep
'12
11:35 a.m.
The User accounts page, echoing the Hackage 1 version, says "Passwords are stored encrypted, so if you forget yours we can't recover it, but will need to assign a new one. Just ask." But the account registration page doesn't even ask for an email address, so it would be difficult for administrators to action a request for a password reset safely. If you store the email address, an automatic reset would be feasible, as is common elsewhere.