Quite often in order to active my account on a website I'll receive an email with this:
https://web_site.com/access?uid=1234&secret=456789&login=0123456789&mid=aabbcccdd
Why user id, login, mid or other addition parameters? Why not only a secret activation code?
for example, stackoverflow:
https://stackoverflow.com/users/signup-finish?email=my_email.com&name=my_name123&token=fdsafdsfdsfds&authCode=fdsafdsfdsfds