I was testing my checkout flow and entered my e-mail address. The cart helpfully reminded me that I was a returning customer... but I couldn't seem to get the password right, so I clicked "Email me my password."
A few notes and/or questions on this.
1.) It said that it had mailed my password, but then it didn't show up for quite a while-- maybe 15 minutes. This was surprising. A second test was faster.
2.) The password that I received looked like line noise. I'm sure I hadn't entered it. So... is it the case that this was one of those automatically generated passwords because I had used guest checkout previously? If that is the case, wouldn't it be better to just treat customers who were previously guest checkout as *not* having a password?
3.) It looks like when you request a password to be mailed, it's sent in clear text. (I tried requesting my password twice, and got the same line noise-- so it looks like you're not generating new line noise each time.) People don't like to have their personal passwords mailed in plain text... so wouldn't it be better to either
(a) generate a new, temporary password, or
(b) mail a link to a page where they can enter a new password, or
(c) mail a link to prepopulate their shipping info and reset info to guest
4) The return address of the e-mail message was from FoxyCart. While I'm anything but ashamed of you, I think it's better if everything customer-facing comes from the same domain.