Hello,<BR><BR>I just was wondering if anyone has come up with or knows of a good out of band process for identifying a user is ok to access special areas of a site or sending them a username and password once they are registered. <BR><BR>There seems to be allot of argument on its ok to send password in email, no its not ok to send email cause its not secure yadda yadda.<BR><BR>Currently my company allows a new member to register and does not send them their username or password via email. Leaving the sole responsibity of the user to remember their username and password on their own, and upon this registration members have full access to the site except for confidential areas of the site in whitch the member has to wait 7-10 days to get a pin number in the mail. When the member receives this pin number they must come back and enter it in order to access the confidential areas.<BR><BR>I and many of our members that currently use the site think this is a joke.<BR><BR>So I wanted to here others ideas on a good out-of-band process and informing the user of their username and password securley so they have something to refer back to.<BR><BR>Thanks for the ideas.<BR><BR>JD