Make your sign-up procedure multi-stepped. For example, I come to your site and fill out the membership form. You run an REGX check on the email I provided. If the check passes, you display a screen informing me that my account information has been mailed to the email address I just provided. If the check fails, tell me that it failed and prompt me to re-enter my address.
The key is to auto-generate a password which I need to use to login the first time (after which I can change it). Easiest way to generate the password is to use the random number generator and an array of characters:
<?php
// define the length of the password
$len = 16;
// characters to create password with
$chars = array('A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z','a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z','0','1','2','3','4','5','6','7','8','9','#','@','','%','$','&','~');
// seed the random number generator
mt_srand((double)microtime()*1000000);
// create the password
for ($x = 0 ; $x != $len ; $x++)
$pass .= $chars[mt_rand(0, count($chars))];
?>
-geoff
