Effective Security for Web based services

As we continue to see more and more Web 2.0 type services, we should all be looking to providers of those services to deploy equivalent NEW technologies for securing access. There are many solutions out there. Some of you may be aware of hard tokens, challenge phrases or questions, biometrics, cognitive decryption and IP Intelligence. User Name and Passwords can be stolen very easily and service providers are still using them as the only key to their service. Key Loggers are very easy to get and the techniques for using them maliciously is just as easy to obtain. I pose this question; what if a student was to put a key logging device on an administrator or teachers PC? Would they be able to capture her credentials and effectively use them to change grades, clear out records, steal SSN's of other students? The answer is yes. I am looking for advocates who use the aforementioned providers services to recommend better login security. Now, I realize this is an informational blog, but please take a look at vidoop.com or myvidoop.com and read more about the options available to these types of providers. Refer them to Vidoop or simply encourage them to look at beefing up their systems to protect those who might be vulnerable.

I am attaching a copy of a white paper talking about the specific solution I mentioned above. It should make perfect sense. Also, anyone who would like an Open ID account on myVidoop.com, please post a reply asking and I will send one to you.