The implementation issues comprise a very good point. Do you think this is solvable by better libraries? I've been working on my own solid implementation of OpenID for Django to plug-n-play with the built-in authentication system. Can it be saved and, if not, what's the alternative? Teach developers about bcrypt?