When I try to comment on sites hosted on wordpress.com and I use my main email address I get a notice that says something like “The email being used is already registered with us, please login to your account”.
I guess that the idea is to try and prevent people from impersonating another commenters, but the implementation is an awkward one as it assume that everyone is an impersonator until proven innocent and add yet another step, for anyone not currently logged in to wordpress.com, in sending a comment. I wonder how many people just abort the comment at that stage, I know I have done it at least once.
It is also strange that you have to identify against wordpress.com when there are other identity providers like google, facebook and twitter which can also be used to verify the email address.
And all of this is because the idea behind the gravatar service, which is now fully integrated into wordress.com, is naive – you should not identify people by something which is a very public information like their email address period.
What could they have done better? This should have been an opt-in kind of service.I don’t think the chance of anybody trying to impersonate me is higher then zero and I am willing to take the risk in order to have easier life. In addition the best way to verify an email address is by actually sending an email to it and asking for an action to be made. Maybe something like “we detected that you are commenting on xxxxx, if it isn’t you, you can remove the comment by clicking the link yyyyy”. Sure there is a risk of spamming the email address that way, but it might be effective enough to reduce the impersonating attempts to zero.