Getting user passwords

by Chardelle Busch -
Number of replies: 3

I have a notifications plugin that sends out emails with user variables. A client wants to send users their username and password--yikes!! Before I tell him "No, I cannot get a user's password", can someone please validate for me (in case there is any question) that yes, indeed it is not possible to get a user's (unhashed of course) password from the database.

Thanks so much.

In reply to Chardelle Busch

Re: Getting user passwords

by Tim Hunt -

You are correct. Moodle stores a one-way hash of the user's password. That is standard best practice.

What your client is asking for is (all too common) worst practice. You need to educate them.

In reply to Tim Hunt

Re: Getting user passwords

by Chardelle Busch -

Thanks for the quick response, Tim, I appreciate it. This will help me convince them. I am going to send the reset password link in the email instead, in the hope that will pacify them.

In reply to Chardelle Busch

Re: Getting user passwords

by Vicke Denniston -

Do you have the password reset link on your login page? We did that and it helped immensely.
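
The two points made in this thread (only a one-way hash is stored, so a notification email can carry a reset link but never the password), as an added example that is not part of any post above and is not Moodle's code. It is written in Python; the function names, the PBKDF2 parameters, the link lifetime and the `user` record are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

ITERATIONS = 600_000   # assumed PBKDF2-HMAC-SHA256 work factor
RESET_TTL = 30 * 60    # assumed reset-link lifetime, in seconds

def hash_password(password):
    """Return 'salt$digest' in hex; the plaintext itself is never stored."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{salt.hex()}${digest.hex()}"

def verify_password(password, stored):
    """Re-derive the digest from a login attempt and compare in constant time."""
    salt_hex, digest_hex = stored.split("$")
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), ITERATIONS)
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))

def issue_reset_token(user_row, now=None):
    """Create the token that goes in the emailed link; keep only its hash."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    user_row["reset_hash"] = hashlib.sha256(token.encode()).hexdigest()
    user_row["reset_expires"] = now + RESET_TTL
    return token

def redeem_reset_token(user_row, token, new_password, now=None):
    """Accept a token once, before expiry, and store the new password hash."""
    now = time.time() if now is None else now
    stored = user_row.get("reset_hash")
    if not stored or now > user_row.get("reset_expires", 0):
        return False
    supplied = hashlib.sha256(token.encode()).hexdigest()
    if not hmac.compare_digest(supplied, stored):
        return False
    user_row["password"] = hash_password(new_password)
    user_row["reset_hash"] = None      # single use
    user_row["reset_expires"] = 0
    return True

# Constructed sample record standing in for a row of a user table
user = {"username": "student1", "password": hash_password("correct horse")}
```

The stored `password` field can confirm a guess but cannot be turned back into the password, which is why the only thing a plugin can put in an email is the short-lived token from `issue_reset_token`.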