Resetting the moodle password

If a user forgets their password, moodle has made it pretty straightforward to reset the password. I have had a number of students/users get confused by the password reset process.  I even talked to my customer about disabling the password resetting functionality.  That would have been a bad idea.  Why would I take something away that should be the responsibility of the end user? Because some users seem unable to follow the process?  Because the process is convoluted and creates more confusion than solution?

Leave the password reset process in place.  This is the process

1. Click on the login link
2. Click on the Forgot your username or password link
3. Enter either your username or email address (this requires the user to know the email used when account created). When either or those two entities is provided (email or username), an email is sent to the specified email account.
4. Read the email sent to the email address, it is asking you to verify that you sent the request.
5. Upon verification that it is you, a SECOND email is sent to the same email address with a new password AND a link to follow back to the moodle site where it was initiated.  
6. In the form that you are sent to, copy and past or type the new password in the first form field, then type in the password you would like to use, then type it in again to verify, then click done or save.

If explaining this process to someone say things like "the user needs to be responsible for remembering their email address used when the account was created"  or "if the user forgets their password, that moodle will use their email address and verify that it is them who sent the request and then generate a temporary new password for them to use so they can reset their password to something meaningful".  I may even be inclined to say "tell the student to write down the email address used when creating their moodle account". I can't quiet bring myself to say "write down the password", unless they have a special secure place like everyone does where they keep on-line credentials.