I've been recently been doing some studying on different security topics and I came across this: Is it more secure to send out a password reset link when a user forgets their password or send the original password unencrypted in an email?
Now obviously I know not encrypting a password is bad because if a database gets hacked, a hacker would have the password. But ignoring that possibility, is it more or less secure to send a reset link over a plain text password in an email. I'm curious to hear everyone's thoughts. Thanks!