by mathijs 5097 days ago
This is not a website with a searchable archive, but it collects websites that send you an email saying 'you just signed up and this is your password': http://plaintextoffenders.com/

You know, emailing you your password (while still a fairly questionable security practice) after registration doesn't necessarily mean that they're storing it in plaintext. They could still have the plaintext password in memory during the registration process, including the initial email.

Same deal with a newly generated password as a result of a forgotten password link, though sites should force the user to change that on first login with the temporary generated password.

Emailing you your existing password "out of the blue", of course, is just irresponsible and unprofessional.

"They could still have the plaintext password in memory during the registration process"

This is even worse IMO. So they are sending me a cleartext password that may or may not have been stored in the DB yet? What if the DB write process aborts while the user still gets the email? Bad, bad, bad.
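The flows argued over in this thread (hash before storing, send the welcome mail only once the write has committed, and force a change on first login with a temporary password) as an added example that is not part of the original thread. The in-memory `DB` and `OUTBOX` are constructed stand-ins for a real database and mail server; the `db_write_fails` flag simulates the aborted write the last comment worries about.

```python
import hashlib
import os
import secrets

# Constructed stand-ins for persistent storage and an SMTP outbox.
DB = {}
OUTBOX = []
ITERATIONS = 200_000


def hash_password(password, salt=None):
    """Salted PBKDF2-HMAC-SHA256; only salt and digest are ever persisted."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def verify_password(password, salt, digest):
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return secrets.compare_digest(candidate, digest)


def register(email, password, db_write_fails=False):
    """Hash first, then store; the mail is queued only after a durable write
    and never carries the password, so nothing is sent if the write aborts."""
    salt, digest = hash_password(password)
    if db_write_fails:  # simulated aborted transaction: no record, no email
        return False
    DB[email] = {"salt": salt, "hash": digest, "must_change": False}
    OUTBOX.append((email, "Your account was created. No credentials are included."))
    return True


def issue_temporary_password(email):
    """Forgot-password flow: a random temporary password is mailed once,
    stored only as a hash, and flagged so the first login forces a change."""
    temp = secrets.token_urlsafe(12)
    salt, digest = hash_password(temp)
    DB[email].update(salt=salt, hash=digest, must_change=True)
    OUTBOX.append((email, f"Temporary password: {temp}. Change it at first login."))
    return temp


def login(email, password):
    """Returns 'denied', 'change_required' or 'ok'."""
    rec = DB.get(email)
    if rec is None or not verify_password(password, rec["salt"], rec["hash"]):
        return "denied"
    return "change_required" if rec["must_change"] else "ok"


def change_password(email, old, new):
    if login(email, old) == "denied":
        return False
    salt, digest = hash_password(new)
    DB[email].update(salt=salt, hash=digest, must_change=False)
    return True
```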