What is the issue with email verification for SIGNUP? This is pretty standard practice as it is. Eventually you need to contact the user, so better to make sure the email is correct from the beginning. If not, I could for example sign up for mail chimp with your email then proceed to send a bunch of people lude spam, leading to mail chimp then sending you angry emails. Even if they use it appropriately, if you later ever want a mail chimp account it will tell you you already have one, leading to true confusion.
There is nothing wrong with email verification. There is something wrong with hiding what is going on from the user. If you try to "secure" your site from people finding out if a particular email is registered, you end up with a massive increase in login failures, which was the point being made. You also make it so that when I say "I forgot my password" and fill in the wrong email address, I am sitting and waiting for a password reset email that never comes. Every portion of the account handling process is made significantly worse by trying to hide account info, and there is absolutely no benefit to doing so.
