I've turned off the password requirement on the checkout page (by passing a hidden field value for the customer phone from my product form).
The first thing I noticed is that after doing so the email field on the checkout form no longer requires a value (although an asterisk still appears next to the field label).
So I manually added some code to make it a required field. That works as far checking to see if there's an entry. But it doesn't validate for format. So if I enter an improperly formatted address (for example 1 or a@a) the order can be submitted, although it then returns an error from the payment gateway (Cybersource in my case).
So I'm guessing the way its coded is that email validation is fired by the Continue button. Remove the Continue button (by removing the password requirement) and you lose email validation.
I guess I can add my own validation script but was wondering if anyone else has a better solution. And for anyone bypassing the password requirement, be forwarned.