
Security Risk: Plain Text Password #8790

@modxbot

Description


scott_karana created Redmine issue ID 8790

Yes, I'm aware of Bug #7278, where this was closed already.
I completely understand showing the user their password, but the fact that it comes out of the blue should be unacceptable if the user is security-conscious.

For example, if I've gone into User>Profile>Reset Password, there is no indication that my new administrator password is going to be echoed back in the plain.
In fact, the use of fields makes it completely deceptive.
Imagine my surprise!

A simple warning div near the password fields would resolve this without changing any design choices, unlike in the previously cited bug #7278.
Text could presumably be something along the lines of "Note: your password will be shown to you for confirmation when you press Save".

I can try to take the time to throw together an ugly patch if nobody is interested, but I'm really not much of a coder.
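The behaviour the report describes, as an added example that is not MODX's code and not part of the original issue: a reset-password flow modelled on what the reporter saw (the new password echoed back in plain text after Save), a variant that carries the warning text proposed above and confirms without echoing the secret, and a regression check a maintainer could keep in a test suite to catch the plaintext echo coming back. All function names and the HTML fragments are assumptions made for this illustration.

```python
"""Added example (not MODX code): plaintext-echo regression check for a
password-reset confirmation page, modelled on the issue above."""
import html

# Warning text proposed in the issue, placed next to the password fields.
RESET_NOTICE = ("Note: your password will be shown to you for confirmation "
                "when you press Save")


def render_reset_form(show_notice: bool) -> str:
    """Reset-password form as a hypothetical template fragment.

    show_notice=False models the reported state: masked password fields and
    no hint that the value will be echoed back after saving."""
    notice = f"<p class='warning'>{html.escape(RESET_NOTICE)}</p>" if show_notice else ""
    return (
        "<form method='post' action='/profile/reset-password'>"
        f"{notice}"
        "<input type='password' name='password'>"
        "<input type='password' name='password_confirm'>"
        "<button>Save</button></form>"
    )


def confirm_reset_echoing(new_password: str) -> str:
    """Models the reported behaviour: the confirmation page prints the new
    password in the clear (HTML-escaped, so it still renders verbatim)."""
    return ("<h1>Password updated</h1>"
            f"<p>Your new password is: {html.escape(new_password)}</p>")


def confirm_reset_hardened(new_password: str) -> str:
    """Hardened variant: acknowledge the change without repeating the secret.
    Only the length is shown, which is enough for the user to spot a typo
    in the number of characters without exposing the value on screen."""
    return ("<h1>Password updated</h1>"
            f"<p>Your new password ({len(new_password)} characters) was saved.</p>")


def response_leaks_secret(body: str, secret: str) -> bool:
    """Regression check: does the rendered response contain the submitted
    secret, either raw or in its HTML-escaped form? Template engines escape
    output, so checking only the raw string would miss the common case."""
    candidates = {secret, html.escape(secret), html.escape(secret, quote=False)}
    return any(c in body for c in candidates)


def reset_flow_is_safe(new_password: str, confirm=confirm_reset_hardened,
                       show_notice: bool = True) -> bool:
    """Both conditions the issue asks for: the form warns the user up front
    (or the confirmation never echoes the secret), and nothing in the
    confirmation page leaks the plaintext password."""
    form_ok = RESET_NOTICE in html.unescape(render_reset_form(show_notice))
    echo_ok = not response_leaks_secret(confirm(new_password), new_password)
    return echo_ok or (form_ok and not echo_ok)


if __name__ == "__main__":
    pw = "p@ss<word>&1"  # constructed sample password with HTML-sensitive characters
    print("reported flow leaks:", response_leaks_secret(confirm_reset_echoing(pw), pw))
    print("hardened flow leaks:", response_leaks_secret(confirm_reset_hardened(pw), pw))
```

Run as a script it reports the reported flow as leaking and the hardened one as clean; in a test suite, `response_leaks_secret` is the assertion worth keeping, since it fails the moment a template change starts echoing the submitted value again, whether raw or escaped.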

Metadata


Assignees

No one assigned

Labels

area-security, bug (The issue in the code or project, which should be addressed.)
