OK, Jimbo's DOS-resistant password-mailing feature wasn't too difficult, so I did it. Unfortunately I also accidentally deleted the accounts of the 10 or so people who had previously logged in, so you folks will have to log in again. Sorry about that.
Looks pretty robust now, and no more unencrypted passwords anywhere. 0