I got a reply "Hello Muffet!
I'm sorry, but as you said, if she really 'forgot' her password, she should simply click the "forgot your password?" link on the inlog page.
She'll be asked her security question and if she answers correctly, she'll get an e-mail through her registration mail with a new password (that she should change as quickly as possible afterwards).
As that security question proves it's really her, we can't simply skip over it "