Do you use different passwords on every site? I have three tiers of passwords I use depending on how much I care about the site in question. I can do the same thing with OpenIDs, although most of the sites that support OpenID in the first place fall into the lowest tier of necessary security.