For a project that uses email as the unique identifier, currently set primary can allow can trigger a MultipleObjectsReturned at login.
Since the email authentication is in Pinax the fix could be live there, or with a fork of EmailConfirmation, or some combination of both.
Maybe add a flag to EmailConfirmation, and a fix in Pinax that requires that flag if you're using the email auth backend or at least a warning
Also, this should handle the case that multiple people may add the same email, but it should only be unique once verified. This means the database field for email can not be set to unique.
Also keep in mind the points covered here: