It’s pretty wild that we haven’t had this until now, but you can finally reset your password if you’ve lost it, provided you’ve configured an email address on your account.
To do so, simply visit: https://lib.reviews/forgot-password
To protect user privacy, the feature won’t tell you if an account exists for a given email address. To mitigate spam risk, it’ll also only send one token every 3 hours.
The main reason this wasn’t done sooner is that email is a bit of a pain to deal with. To mitigate against spam, it has to be carefully configured to pass SPF, DKIM and DMARC checks (various techniques used to ensure the email is legitimate). This in turn should reduce the risk of email landing in your spam filter.
We’re currently using the free Mailgun plan, which should work well while we’re small. Now that we have the first email feature, it will be a lot easier to add the next one, which will likely be the account request process (sending email to moderators to review/approve requests).