When users create an account in my web application, I generate a GUID and use the first 8 characters as their password which is then sent via email.
Is there a security risk I am overlooking in using GUIDs as passwords? I've taken a look at the questionAre GUIDs good passwords?
, but that question pertains to personal passwords not random/generated passwords. Ideally, users will login and change their password if they want to.