(I am preparing a download of SqueakMap for you all to look at and play
with.
It's basically working now including mirror synchronization. Next big
step will be to build a Morphic browser on top of the model.)

But I just realized one small problem. The current idea with the ability
to click on a link to get SqueakMap to mail you a new password for a
particular package/repository is probably not so good. It can be quite
annoying when someone else clicks on the link and you get emails
flooding in with new passwords...

Currently it creates a new random password and sends that because it
can't send the old one since it is stored as a SHA hash. ;-) Hmmm.
Anyway, does anyone have any good ideas on how to handle this?

Some thoughts:

1. I want a password for each registration - it makes it easy to let
someone else take over a registration and you don't need to first create
an account on SqueakMap to be able to register something etc.

2. Currently I save the passwords in the map as SHA hashes. Is that a
good idea? Point being that we can still keep them in the map that
everyone mirrors without someone being able to misuse it.

regards, Göran