ThedailyWTF's sign-up form is worthy of being in some kind of hall of shame. I e-mailed the site owners about it, but I have not heard from them in approximately 2 weeks.
The problem is that it asks for the user to enter his e-mail address twice, except that the e-mail address field isn't obfuscated, so there is no need to enter it a second time. Password fields demand the user confirm a second time because their contents are invisible. There is no need, ever, to confirm a visible field in a form. Some idiot web developer, somewhere, sometime, thought it was a great way to avoid people entering fake e-mail addresses, except that people enter those incorrectly on purpose, being sick of having their privacy abused.
The practice has caught on and nobody questions its lunacy!