If you are given a link to set a password that link will expire when the password is set, after that there is no meaning hacking a link that is useless :). Most people don't change the password when you chose one for them, this can happen for various reason not only lazyness. Mabey lack of time or a new account is created and someon forgot to remove the old one. Then you are exposed especially with unencrypted mail transport.
-
-
I just thought of one more senario, let's say you are getting the email with your password in it and someone standing behind you, he can see your password email and possibly username (this is called social hacking). This will not happen if you type it in with ******** showing on the screen.
Thank you for your understanding, i must say that beside this issue this is by far the best control panel i have ever used
-