id summary reporter owner description type status priority component severity resolution keywords cc release 1427 require password change upon login with auto-generated password sent via unsecure e-mail Phil Mocek Matt Good If a password is reset and sent though e-mail (these messages are currently sent in-the-clear) a user should be required to change his password immediately after logging in with the new, ''temporary'' password that was sent to him. enhancement closed normal AccountManagerPlugin normal fixed password reset e-mail insecure 0.11