BE 2.0 has a password reset option. The Upgrade instructions are
If you upgrade, the password reset option may or may not be turned on by default -- it's a setting in the control panel where you can control whether password resets are allowed. If you turn it on, then on the Login page, the person can click a "forgot
your password" link. It will ask them to enter their email address tied to their user record. When they enter the password in, it will send them a new password by email.
The password reset code itself is essentially just one line of code, which can be
seen here. So if you didn't want to upgrade to 2.0 for just this, you could use that line of code to reset the password. That line of code is Membership.Provider.ResetPassword(.....). You could quickly test it out by putting the following
line of code into "Page_Load" of login.aspx.cs (in version 1.6.1).
... substitute USERNAME with the username of the user who forgot their password. This should output the new password generated at the top of the page. The new password generated will probably be some random characters.