mediumsmart 9 days ago

I think the registration pattern should be - user enters email to register. Email is sent to that email with a link to verify. User clicks link. User gets email with username and password to log in to the profile created for them.

addandsubtract 9 days ago | parent [-]

This reveals the user's password (even if temporary) in plain text in an unencrypted email. Basically the last thing you want.

A better workflow is to send the user a link where they can set their initial password themselves.

mediumsmart 8 days ago | parent [-]

Same thing in blue, which additionally opens the door for someone else to change their password and lock them out, never mind the quality of passwords users set initially etc. Looking at you, mum, registering a new account every time you forget the last password.
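The set-password link workflow discussed in this thread, as an added example that is not part of any comment above: the emailed token is random, stored only as a hash, expires, and can be redeemed once. The names (`PENDING`, `ACCOUNTS`, `issue_set_password_link`, `redeem`), the 30-minute lifetime, the 12-character minimum and the `app.example` host are all assumptions made for the illustration.

```python
import hashlib
import secrets
import time

TOKEN_TTL_SECONDS = 30 * 60   # assumed lifetime of the emailed link
MIN_PASSWORD_LENGTH = 12      # assumed policy
PENDING = {}                  # sha256(token) -> (email, expires_at); stands in for a DB table
ACCOUNTS = {}                 # email -> (salt, password hash); stands in for the user table


def _digest(token):
    return hashlib.sha256(token.encode()).hexdigest()


def issue_set_password_link(email, now=None):
    """Create a one-time link; only the token's hash is kept server-side."""
    now = time.time() if now is None else now
    # A new request invalidates any earlier unused link for the same address.
    for key in [k for k, (e, _) in PENDING.items() if e == email]:
        del PENDING[key]
    token = secrets.token_urlsafe(32)   # 256 bits from the OS CSPRNG
    PENDING[_digest(token)] = (email, now + TOKEN_TTL_SECONDS)
    return "https://app.example/set-password?token=" + token  # placeholder host


def redeem(token, new_password, now=None):
    """Set the initial password if the token is known, unexpired and unused."""
    now = time.time() if now is None else now
    key = _digest(token)
    entry = PENDING.get(key)
    if entry is None:
        return False                    # unknown, superseded or already used
    email, expires_at = entry
    if now > expires_at:
        del PENDING[key]
        return False
    if len(new_password) < MIN_PASSWORD_LENGTH:
        return False                    # token stays valid so the user can retry
    del PENDING[key]                    # single use: consumed on success
    salt = secrets.token_bytes(16)
    pw_hash = hashlib.pbkdf2_hmac("sha256", new_password.encode(), salt, 600_000)
    ACCOUNTS[email] = (salt, pw_hash)
    return True
```
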