>> their database already have your account user name and password
They had better NOT have your password in their database. If they do then they're completely incompetent and you need to run like the plague. No database should ever store a user's password. Instead it should store a one-way HASH of the password. If you ever forget your password and click the "Forgot Password" and get an e-mail with your password, you know they're violating good security procedures. Instead you should be given a temporary NEW password and told to reset it. Passwords need not be stored to be authenticatable and hence should not be. And the key word in "one-way hash" is "one-way". Or is that two words?