Thanks to OpenID and OAuth, the Open Social Web is Beginning to Emerge

[bct]

So use a good password, and don't use an untrustworthy OpenID provider.

Most sites will send auth details by email if you forget your password; having your email password taken is just as much a risk as having your OpenID password taken.