I have seen several forms recently that requested user to enter some information twice. It makes sense to retype the password that user has chosen. It reduces a risk that user does typo and newly created account will be unaccessible. But these forms asked the user to retype his email address or existing password. The email address is displayed unlike password, so the risk of typo is quite small. But I can imagine that developer thinks that this email is so important to force the user to enter the same information twice. To retype existing password is totally useless. If the user enters his password incorrectly, just redisplay the form. Please when you design some form with duplicated entry of some field, ask yourself – is it really neccessary to bother the user?