[1.2.X] Fixed #10952 -- Corrected the documentation for the behavior of password reset forms and views. Thanks to danielhepper for the report and initial patch, timo for the patch update.

Backport of r13556 from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.2.X@13563 bcc190cf-cafb-0310-a4f2-bffc1f526a37

docs/topics/auth.txt

@@ -898,8 +898,9 @@ includes a few other useful built-in views located in
 
 .. function:: views.password_reset(request[, is_admin_site, template_name, email_template_name, password_reset_form, token_generator, post_reset_redirect])
 
-    Allows a user to reset their password, and sends them the new password
-    in an e-mail.
+    Allows a user to reset their password by generating a one-time use link
+    that can be used to reset the password, and sending that link to the
+    user's registered e-mail address.
 
     **Optional arguments:**
 
@@ -1005,8 +1006,8 @@ provides several built-in forms located in :mod:`django.contrib.auth.forms`:
 
 .. class:: PasswordResetForm
 
-    A form for resetting a user's password and e-mailing the new password to
-    them.
+    A form for generating and e-mailing a one-time use link to reset a
+    user's password.
 
 .. class:: SetPasswordForm