Neilo & Officeguy-
Yes, you are right- I should have chosen more polite words. I was irritated, because I didn't use my lowest quality, throwaway password, reserved for when I'm somewhere that I think may not have the best security (and yes- I have a system with multiple passwords that I change regularly). My message was also directed at WA- not the broader support community, but there is no direct email/communication method that I could see, other than the forum. I let my irritation get the better of me- something I don't normally do in forums.
So moving forward- and simply addressing the topic I'd originally brought up. I still stand by my point, and Office Guy- not sure you understand the scenario I brought up (and complained about). Looks like you've been a long term, active contributor to the WA community- so your sign up experience awhile ago may have been different (or you may not recall it).
On the registration form, you input your email address and set a password. There is no reason whatsoever (at least I can't think of one), for WA to then immediately send me a confirm email, showing the password I'd just entered. I can't think of any web design principle that says this is the right way to do it (which is why I was surprised, to see this coming from a web design/tool company).
WA's password change/recovery process, on the other hand, is more secure. They don't send the password out in email, and the password change form is in SSL.
A separate discussion on the topic: