Creative usernames for dating sites
What is your opinion on sending the username and password to their email address when they register on our website.way if they forget the password in the future, they can look it up in their email..we wont have to implent the forget/reset password scenario (we are close to release).. Unencrypted communication, especially e-mail, is easily tampered with, and you don't want the wrong people getting at passwords.
The concept is the message received in your mailbox are not in clear text. You need to click the link to access the content of the email.
It's fine to send them a confirmation e-mail with their username - this is useful.
Remember, if you e-mail them their password they're likely to forget about that e-mail, or just delete it.
As for password retrieval, thoroughly read Forgot Password Best Practices.
The bottom line is that an application following best practices should allow a user to reset his own password. The application should not send email, display passwords, nor set any temporary passwords.
Then the hacker could wreak havoc on your site as well I agree with the top answer and have this to add: every time I receive a signup confirmation email that contains my password I delete the email and strongly consider never using that web service again.