Description
Let me add something to this discussion thread #495
The users are typically created by an administrator in Blog, Forum like web applications and are typically given the roles of moderators, editor, etc. In most of the web apps, an admin creates the co-admins and not regular users.
However, in all the cases, the admin does not create/enter the password of the other users. He can make them Inactive, if required but does not change their password.
Sending a password in an email is not a good idea. The email could be seen by an admin of the email server. Just send a link in the email which when clicked takes the user to the Register/Enter Password screen.
Also let the user allow choose his own username. Also the admin may not be knowing his proper first and/or last names. So probably, sending a plain Invitation link is what I consider as a more effective solution. So my proposed solution is something like this ....
a. The admin enters a list of email addresses in probably multiple entry field and chooses one of the pre-defined roles, let's say, staff and clicks the Invite button.
b. The user clicks the Invitation link and the system takes her to the Register Screen and during Save he is assigned the role which the admin selected in the first step.
Kindly consider this proposal.
Thank you