Just went trough an old e-mail backup today, found one from geeksandgod, decided to re-try your password retrieval process, and finally it worked.
I have been in contact with a moderator on Facebook about half a year+ ago, concerning the login problem with my account. At that point i had already tried to reset my password multiple times, without ever getting the e-mail.
Which brings me to the password changing process. Having a password requirement that is even more strict than that of my online banking system is not really winning you any super mario coins, you know what i mean?
In short, i would cut the pun–ctatio.n and CaPITAlizATioN requirements, there are far better and more important security functions that you can and should implement, which doesn't involve annoying the user at all. Not that i think it would be much of an issue for smaller sites like GAG, but it doesn't hurt to have some server-side defenses in place.
Other than that, i am happy to be back..:-)