I've upgraded to 1.1.0. But I am still having problems.
On registration the user enters a username and password - none of which are encrypted.
The user forgets their password. They enter their email address and an email is sent - but only if the server behaviour called 'SecurityAssist Email Encrypted Password' is set to MD5 under the database tab. If it is set to none, I get the message - 'Email failed to send. Please confirm your email settings with your hosting provider.' So why is this. I've read the help details but they aren't making things any clearer.
Also, when and if the user resets their password, it enters an encrypted password. This must be something to do with the way 'SecurityAssist Email Encrypted Password Return' is setup. Here, 'username' and 'password' encryption are set to 'none' - see attached pdf.