As a security measure it's best not to e-mail passwords to people. Passwords should be hashed and saved to the DB right after they have been entered and never, ever be viewed as plain text again.
Tue, 07/29/2008 - 05:47
Hi Xano,
Passwords are
Hi Xano,
Passwords are handeled by Drupal. So posting this here might not help a lot.
Regards
Mark
Sorry,
Forgot the direct
Sorry,
Forgot the direct signup.
Drupal is handling passwords correct I believe.
Only problem is, do you really want customers have to login first before they can checkout? This might make your system a little bit less user friendly...
Best regards
Mark
splash112@drupal.org
Hi Xano,
Passwords are handeled by Drupal. So posting this here might not help a lot.
Regards
Mark
Yeah, but site administrators decided whether to show passwords as plain text in e-mails or not 
Re: splash112@drupal.org
Hmm... it is a Drupal issue, since the passwords are e-mailed in both the normal and administrator user registration forms. Ubercart invoices can optionally include the username/password, but you can take that out of your invoice. Further, Ubercart checkout for anonymous users uses the site-wide registration e-mail... so, if you change it there, you should no longer be sending passwords. 
EDIT: This is the point where I realized you were talking about our site.
I'm not too worried about changing it for Ubercart.org in the short term... you can always change your password after you've registered. It might be a little more necessary for your e-commerce sites, though.
Thanks for the suggestion, and I'll keep it in mind for the future.
Just my 2 cents.