Majority provider here providing web hosting services to small and medium businesses, these small businesses don't really care about pci compliances
Company who care about pci compliance will do this in house, or deploy customized software to meet the requirement.
If you want to comply, when creating a new user account, do not email the user their password, look at how credit card company or bank provide you your card pin, they will physically mail you a letter with the userid and seperate letter with the password.
Same for when customer request to reset password.
Alan Woo, alan [@] newmediaexpress.com
= NewMedia Express Pte Ltd (AS38001)
= Dedicated Servers in Singapore | Hong Kong | South Korea | Thailand | Malaysia | Indonesia
= Singapore > speedtest.sg
| Hong Kong > lg.newmediaexpress.hk
| South Korea > lg.newmediaexpress.co.kr