[dead]
on Jan 2, 2009


Send pg an email.


Isn't this a security issue? If you put your e-mail in your profile PG could of course check that the request to reset the password originated from that e-mail. But what if you didn't?

Couldn't I send PG an e-mail asking him to reset the password for cpcerciva and take over your account?


I believe this issue was resolved when an email field was added to the profile page of your username. However, I never added my email to the profile page since I didn't go to my profile all too often once I registered "daveambrose" a long while ago.


Well, I presume that pg would use his (human) judgement in deciding whether to reset someone's password. Probably any account which is worth keeping has enough identifying information that pg could verify the owner's identity.


Thanks. I just sent him a note.



