Email Password Security
I think there are security issues with using the same password for email and forum, blog platform etc. I would prefer a separate password for email which requires a higher level of security than a forum, etc. Also, how are user passwords stored on your server? Are they in plain text or in an encrypted form?
our password are stored encrypted with bcript. We actually worked quite hard on getting this single sign on for the site and the mail. When we were testing the site this was one of most asked for feature to have the accounts synced site -> mail.