Please remove sensitive private info from lgnForgotPassSentTpl

[donShakespeare]

https://github.com/modxcms/Login/blob/master/core/components/login/elements/chunks/lgnforgotpasssenttpl.chunk.tpl

Something many users might not know is that when you allow the feature "Reset Password" you need to really really really customize this one uncommon tpl

[[!Login? &sentTpl=`lgnForgotPassSentTpl`]]
Otherwise, any lurker can get any user's email address if the lurker knows a username.
The lurker just has to attempt to reset password by given username.

The unusual default HTML of that tpl is something revealing like this...
<p>Your login information has been sent to the email address [[+email]].</p>

[matdave]

What would be the preferred semantic? If a username or email address matches, we will send an email with the password reset link.?

[donShakespeare]

This is what I use
<p>Your login information has been sent to the email address associated with your account</p>.