Comment Ask yourself (Score 1) 141
What are the actual risks? Just how likely is it that someone will breech your email and what would the consequences be? What would you suggest as an alternative means of delivering both password and password changes?
Consider that if the lost password procedure involves email, then there is no security benefit to keeping passwords out of email (the key to getting a valid password is just as harmful as the actual password if it leaks).