So the easiest method seems to be to just disable email verification if I want to make things straightforward. The downside to that would be that people could “hijack” someone’s account if it is already existing and they sign up for WordPress using the existing email, right?