outlandish security concern re: anonymous user account creation

Posts: 3
Joined: 08/31/2008

i feel a little insecure about the way ubercart creates accounts for anonymous users and shares the username/password.

when an anonymous user checks out with an email address that doesn't match any accounts, a new account is created and the username and password are shown on the "order complete" page.

if an anonymous user checks out with an email address that matches an existing account, no new account is created and the text does not make it clear that an account already exists.

which means that, if i know that ryan@ubercart.org is going to buy something from http://www.enormousshop.com, i can buy something anonymously using his email address BEFORE he does, and i'll get the username and password for his account.

later he buys something anonymously, and ubercart does not show him the username and password since there's already an account for his email address.

assuming ryan is too busy to recover his password and change it, or doesn't even know an account was created, i can come back in and see his order details, get his address, maybe download his downloadable items, etc. etc. etc.

again, it's a pretty unlikely scenario, but it seems like it would be safer to suppress the username/password info from the order complete page and just keep it in the email.

Posts: 1300
Joined: 08/14/2007
Bug Finder | Early adopter... addicted to alphas. | Getting busy with the Ubercode.

Can you just remove the password from those checkout messages? I thought you could...

(admin/store/settings/checkout/edit/messages)

--

"Pain don't hurt." - Dalton

Mike Nelson's RiffTrax! www.rifftrax.com

Posts: 5348
Joined: 08/07/2007
Administrator | Head Code Monkey - I eat bugs.

Yeah, you can adjust the messages to your liking... also, in this particular scenario, I would've been notified when you first created the account via e-mail. If I just ignored it and some time later came to that store and ordered without ever checking in... I'm not sure you'd get any new information other than my home address. Of course, there are much easier ways to find out where I live. ;)

At least it wouldn't affect any actual transactions, but it's still something to think about. If you wanted, you could just turn off anonymous checkout and enable e-mail verification of new accounts. Also, last I thought, the checkout message does indicate when an order is attached to a previously existing user account.
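
The checkout behaviour discussed in this thread, as an added example that is not Ubercart code and not from any poster: a small Python model comparing a store that prints new-account credentials on the order-complete page with one that only e-mails them and tells returning addresses that an account already exists. The `Store` class, its `show_credentials_on_page` setting, the message texts and the use of the e-mail address as the username are all assumptions made for illustration.

```python
import secrets
from dataclasses import dataclass, field


@dataclass
class Store:
    # Hypothetical setting: True models the behaviour the first post objects to.
    show_credentials_on_page: bool
    accounts: dict = field(default_factory=dict)  # email -> password
    outbox: list = field(default_factory=list)    # (recipient, body) stand-in for e-mail

    def anonymous_checkout(self, email: str) -> str:
        """Process an anonymous order and return the order-complete page text."""
        if email in self.accounts:
            # Existing account: attach the order, reveal nothing, and say so on
            # the page and by e-mail so the mailbox owner learns the account exists.
            self.outbox.append((email, "An order was attached to your existing account."))
            return "Order complete. It was attached to an existing account for this address."
        password = secrets.token_urlsafe(12)
        self.accounts[email] = password
        # The credentials always go to the mailbox, which only its owner can read.
        self.outbox.append((email, f"Account created. Password: {password}"))
        if self.show_credentials_on_page:
            # Whoever typed the address into the form sees the password.
            return f"Order complete. Username: {email} Password: {password}"
        return "Order complete. Login details were sent to the e-mail address on the order."


def page_leaks_password(store: Store, email: str) -> bool:
    """True if the order-complete page exposes the account password to the browser."""
    page = store.anonymous_checkout(email)
    return store.accounts[email] in page


if __name__ == "__main__":
    addr = "buyer@example.com"  # constructed sample address
    print("credentials on page:", page_leaks_password(Store(True), addr))
    print("credentials e-mail only:", page_leaks_password(Store(False), addr))
```

With the credentials kept to e-mail, control of the mailbox rather than knowledge of the address decides who can log in; the e-mail verification of new accounts suggested above is not modelled here.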