There are a lot of phishing vulnerabilities with OpenID: see http://marcoslot.net/apps/openid/ if you haven’t. One awesome solution I’ve come across is using https://pip.verisignlabs.com/ as your OpenID provider and using their security key.

PayPal uses the security key also (and sells it for much cheaper). They send you a small device that fits on your key chain that has a token that is updated every thirty seconds. This adds an extra layer of security to your login and will help protect your accounts from unauthorized users.

The same device can be used in multiple places like PayPal, eBay, and VeriSign’s OpenID provider. When you use it for your VeriSign OpenID you add that additional layer of security to all places you use that OpenID.

To learn more about the security key, check this out https://idprotect.verisign.com/learnmoretoken.v

When logged in to PayPal, go to this link
https://www.paypal.com/us/cgi-bin/webscr?cmd=xpt/cps/securitycenter/general/PPSecurityKey to order the security key for $5.

When the device arrives, log in to your VeriSign provider and go to https://pip.verisignlabs.com/managevipcred.do to add it to your VeriSign OpenID.

Since the URI given by them is quite long, it might be useful to use a website to shorten that to a smaller id. Signing in to tinyid.us will create a user on that site that will redirect to your other OpenID.

I use webfaction to host a lot of my django projects. It has an easy setup that will get you developing quickly and a great community of talented programmers. There is also a quick setup for rails, wordpress, and a lot more.

Related posts:

  1. How to Speed up Your Django Sites with NginX, Memcached, and django-compress  A lot of these steps will speed up any kind of application, not just django projects, but there are a...
  2. Implementing HaloScan Powered Comments  For some time now, I’ve been using a Magic the Gathering card database for a testing bed for various things....