This thread is frustrating. Everyone seems more interested in nitpicking the specifics of what OP is saying and are ignoring that a forum sends you your password (not an automatically generated one) in an email on registration.

  • oleorun
    link
    fedilink
    English
    31 year ago

    In my experience it’s always a tokenized link, no clear text required.

    • @nous@programming.dev
      link
      fedilink
      English
      151 year ago

      Well, the tokenized link is essentially a clear text one time password. Not really any better than just a one time password except for the convenience that the user does not need to type it in. If someone gets hold of the link or password before you they can get access to your account.