Re: Registration notification email not sent & captchas — BP 1.2 beta / WP 2.9.1
1) By default, an email isn’t sent to the user because the user password is sent via plain text (not a good thing security-wise).
That makes absolutely no sense. If you use the forgot password feature, the password is sent via plain text as well. Why is that OK and sending a password upon registration not?
Most big sites, Facebook, LinkedIn, newspapers, have no problem sending passwords via plain text. Online security is always a balance between security and convenience.
Buddypress is a social network. It’s not a banking website. If you start using credit card payments or paid membership, those scripts usually come with the own security.
Who is going to steal a password to someone’s account on a blog network? Has that ever happened? What would they do with it?
Just my 2 cents. Flame away…