https://openid.trustbearer.com

My hope is that for OpenID, and also CardSpace, we’ll find that over time sites offer us the option to migrate from name/password to these other mechanisms.

Right now, you’d be the oddball service if you offered an alternative, so there’s no peer pressure to do it. But when things tip, you’ll be the oddball for not offering alternatives. Then you’ll feel that pressure, and will want to do something about it.

Rhapsody, Yahoo, email servers, medical insurance site, Youtube, Digg, FlightAware, Slacker, Netflix, Myspace, Hotwire, eBay, university site, MetaFilter, MarketScreen.com, Raging Bull, Sirius Radio, etc., etc.

There are strategies for handling all these passwords — mostly to use one ID as often as possible and to record all IDs to a word document the name of which is well camouflaged, so as to be of minimal interest to any possible hacker.

If OpenID can not adapt to dozens/hundreds of existing IDs, then I’m afraid it just gets added to the list of one more site’s passwords. One other concern is how well OpenID’s server is protected from intruders. My computer is just one of many millions. Chances are pretty low that I’ll be randomly hit by a hacker. OpenID is out there labeled as a site containing LOTS of passwords. That’s so much more attractive to hackers than my one measly computer. Do I want to open myself to that magnitude of a risk of computer-identity theft?

Which is why marrying OpenID with a passwordless identity selector is helpful.

See the discussion here
http://lists.laptop.org/pipermail/server-devel/2007-July/000083.html and Ben Laurie’s notes at http://www.links.org/?p=187 and his later blogposts.