Security now was talking about Verisign labs who offer a security key chain for there openid server. Paypal is offering them for less-than-cost; only $5! I picked up mine some time ago; they work great! The openID end is fun, however because it's all so new; no major company is using it. Signing in to openID has blended a nice mix between security and ease of use. Sites need to be given permission by PIP, item-by-item you offer information to a site (name, age, location, etc.) The site knows to use Verisign as your openID provider by a URL you give them. To make your life easier, you can get a firefox plug-in that will enter it for you when you click on the field; normally at this point... if you were not already logged into PIP, you will get a login screen. I type in my user name and password; then it prompts me for my number... after that; I'm back on the site I was originally at; logged in. Because, to many this may sound like a hassle; let me tell you what hassle you have just avoided; no matter if your normal user name is used or not; the login steps are the same... No matter if you have an account with a given site or not, you can give a new site your info without entering your data over and over again. Also, if it's a site you don't want to 'keep' an account at any site, you can make it good for this one time; or for xxx amount of time!
I played around with this thing for a while; and now that PPP are out, I'm still feeling quite safe with PIP, and the key chain. It's just one more layer of security between me and paypal/ebay, and in the future maybe other sites (Verisign labs is an open platform, if you have the money, you can use these keys for you business, and if someone already has one, they don't need a new one.
