Email confirmation isn't a CAPTCHA: If you can write a robot to sign up for reddit.com, then surely you can write a robot to send a "HTTP GET" request for every link in your email account.
There are three obvious purposes for email confirmation:
- Users often forget their usernames/passwords. Usually the only way to remind them is by sending them email. If they used an invalid email address (purposely or accidently), you will end up with support emails saying "I forgot my username and password but I don't have any evidence that it is actually my account!" Email confirmation ensures that you can communicate with the user on a side channel.
- When raising money / selling advertising, how many users' email addresses you know is a big deal. People use this metric to judge how "engaged" the user in the site.
- It makes it difficult to have multiple accounts. Again, advertisers/investors look at the number of unique users when deciding to fork over money.
If the user will be storing any important information/money solely using your service, you should go through the confirmation process ASAP so that they don't get locked out of their data/money. If your site is a "waste your time and hopefully click on my ads" service, then:
(1) Have a page where the user enters his proposed username/password, with no email field. This makes it look really simple to sign up.
(2) When the user submits #1, bring up a page with the email address field. This page should already show the user as being logged in & show/hint that the user has already unlocked whatever functionality requires an account. The big print on the page explains why you are asking for it and your amazing privacy policy. The fine print tells the user that it is optional but highly recommended, and remind about your amazing privacy policy.
(3) If/When the user submits their email address, send the user an email. But, unlock the account functionality without requiring confirmation.
(4) In the email, provide a brief explanation of confirmation and provide the confirmation link. Automatic password reminders can only be done after this initial confirmation link has been requested.
There are three obvious purposes for email confirmation:
- Users often forget their usernames/passwords. Usually the only way to remind them is by sending them email. If they used an invalid email address (purposely or accidently), you will end up with support emails saying "I forgot my username and password but I don't have any evidence that it is actually my account!" Email confirmation ensures that you can communicate with the user on a side channel.
- When raising money / selling advertising, how many users' email addresses you know is a big deal. People use this metric to judge how "engaged" the user in the site.
- It makes it difficult to have multiple accounts. Again, advertisers/investors look at the number of unique users when deciding to fork over money.
If the user will be storing any important information/money solely using your service, you should go through the confirmation process ASAP so that they don't get locked out of their data/money. If your site is a "waste your time and hopefully click on my ads" service, then:
(1) Have a page where the user enters his proposed username/password, with no email field. This makes it look really simple to sign up.
(2) When the user submits #1, bring up a page with the email address field. This page should already show the user as being logged in & show/hint that the user has already unlocked whatever functionality requires an account. The big print on the page explains why you are asking for it and your amazing privacy policy. The fine print tells the user that it is optional but highly recommended, and remind about your amazing privacy policy.
(3) If/When the user submits their email address, send the user an email. But, unlock the account functionality without requiring confirmation.
(4) In the email, provide a brief explanation of confirmation and provide the confirmation link. Automatic password reminders can only be done after this initial confirmation link has been requested.