Warning: rant ahead.
I hate bugzilla. With a vengeance. Not because it doesn't have features or anything; because you need to log on to it to be able to use it. I've got way too many passwords as it is already that I need to remember. I don't want one to be able to file a bug, thank you very much! And no, I'm not going to give you one of my precious other passwords -- especially not one that I use to log on to my system. So that means I'll have to do ugly things to remember it.
grumble.
Why is it that everyone and their mother uses this fsck'ing I-love-passwords-bugzilla? There are only two Open Source projects that I know of who don't: Debian and FreeBSD. The former uses a home-grown BTS which predates bugzilla by several years; the latter uses Gnats which, ironically (since so many FreeBSD developers have philosophical problems with the GPL), is GNU software. It's no accident that I'm associated with one of them.
One advantage of Free Software is that there's so many choice, and that you can use loads of different software—and this happens all the time, everywhere; consider Graphical User Interfaces (KDE, Gnome, ion, Enlightenment, WindowMaker, ...), shells (bash, dash, zsh, tcsh, ...), kernels (FreeBSD, Linux, NetBSD, ...) etcetera. So why doesn't this happen for bug tracking systems?
I should also add Request Tracker which just got RT Essentials book. It's great trouble ticketing beside corporate looking web page
Bugzilla requires that you log in to submit a bug for the same reason SourceForge allows tracker administrators to disable anonymous posting. Both deny the developer an ability to request feedback. The debian system avoids both problems by simply requiring an email to post, but in turn makes it at least somewhat (a potentially problem that is admirably avoided) susceptable to spam.
Finding the right mix of accessibility to users and meeting the developer's need for ensuring that they can reach bug submitters is one of the challenges of designing a bug tracker. I do not think any purely web based tracker (such as SF or Bugzilla that use email only to tell you when to go look at the webpage) can solve this in any way short of requiring a password, and thus requiring that you provide a real email address. Simply requiring an email field would almost certainly result in people giving garbage email addresses.
Bugzilla has an option to "stay" logged in if you use it from the same computer/browser (using a cookie), that might help.
And there are lots of other bugtrackers available. E.g. 'trac' is very nice for smaller projects that use Subversion (support for other source control is being worked on). And there are also others like IssueZilla, IssueTracker, CVSTrac, RoundUp, Mantis, Flyspray, PloneCollector, etc.
I don't use much else than my laptop these days, which gets moved from one place to the other. Bugzilla detects that and decides my IP isn't valid anymore, or something.
About those other bugtrackers, well, I know; but the point is that they're not used. And I can't just go ahead and set up a trac instance for some project just because I don't like their bugzilla