Hi - I was sitting with someone who I was helping get started as an author on a site I administer. He would enter a login name and password, and we would get a message that we had to enable cookies. The same thing happened when trying to respond to a comment.
Even after making it a trusted site and ultimately, allowing any and all cookies (on IE), we continued to get the same message.
I, on the other hand, was able to login just fine, which means that it has nothing to do with whether cookies were enabled.
Finally, I realized that my issue is that I am assuming that someone should be able to register for my individual blog (like they do with my other wordpress blog, which I have hosted elsewhere), while they actually need to register with wordpress.com.
So one suggestion is that the error message be changed to indicate that someone needs to register with wordpress.com, and provide the link.
But better yet, I suggest that the login screen that appears (when logging in from a blog page) have a "register" link that brings them to a wordpress.com page that informs them that the login name and password they are using will work with any wordpress.com blog.
I guess if one starts out by accessing blogs at wordpress.com or blogger or typepad, then this might be a no-brainer. But coming from the world of individually hosted blogs (e.g., wordpress.org, Movable Type, etc.), it is not obvious.
I hope this is helpful.