May I suggest that you email a token that allows them to reset their password online? For example, the email will have a link with the token as a parameter (http://www.mysite/com/resetpwd/734jGkagkjKEW9856kj) The token is generally a guid. Emailing a UID/PWD is a security hole as the data is sent in plain text as is storing the pwd unencrypted.

>Thank you for the link. I will review it. But I abandoned my idea of using a Bootstrap/jQuery modal pop up form and decided in favor of a simple ASP.NET form. The purpose of the pop-up form was for a user to recover his password. That is, he/she would enter their email address and the program would email them their User ID and Password (calling SQL Server database first). Putting such functionality (calling SQL Server and sending email) into a pop-up/modal form turned out to be too complicated. ASP.NET form is much simpler.