Does mensa store sensitive user data (financial info/ssn/naked pictures), or is it like most sites that store maybe customization options, possibly a calendar, possibly grant access to a forum? Unless there's sensitive data, it doesn't seem all that incredibly stupid to me. Am I missing something?
Of course, I would prefer to generate my own password, rather than using one created for me.
It doesn't matter how sensitive the data you're storing is. It matters how many other sites your users have used the same password on, and what those sites have stored on them. If salting and hashing passwords is all you need to do to help protect your users from their bad security decisions, I don't see why anyone wouldn't do it.
It doesn't really apply here, because the user obviously has an assigned password. Users are quite unlikely to change their other passwords to match their mensa-assigned password.
However, it's an interesting point, and possibly deserves debate. How responsible am I for ensuring a user's security on other sites? Should all password fields be flanked by a flashing message that reads something like: Do not use your online banking password here?
Of course, I would prefer to generate my own password, rather than using one created for me.