Since my username is quite simple, I get many unrequested password reset e-mails. This is very annoying, and it also makes me uneasy because I don't know whether someone is accidentally or purposely triggering those messages.
Before twitter had the same issue, but then they implemented an option that allowed you to set up your account so more information would be required before sending such e-mails. Here's the description from their site:
By default, you can initiate a password reset by entering only your @username. If you check this box, you will be prompted to enter your email address or phone number if you forget your password.
If a similar option was added to wordpress.com, it'd be great. Is this something that could be considered? Does anyone know how other websites handle this (maybe there are some who handle it better than twitter)?