I like using OpenID. I just use my domain name as a delegate and point it at my current OpenID provider of choice for authentication (which is currently my Google profile; used to be myOpenID 'til they went down for 1/2 a day). As long as I retain my domain name, I can control authentication, even if my current provider were to be compromised (just point my domain name/delegate at a different provider).

The problem, of course, is a lot of sites still don't support OpenID.