Hello
When i press forgot password i got an email for my login information.
Unfortunately it written in plain text. Shouldn't it written on a bitmap? In my opinion password in plain text is less secure since mail provider or other third party can easily read it.
My suggestion for better secure way, is put reset link password, not current password.
Put encrypted password on database using sha/bcrypt/scrypt also good option. So even employee can't read it.

Thanks ^_^