[zanny]

I'm more a fan of how Persona does it, where you don't click a link at all, just enter your email and the Persona server checks a cookie secret you have to authenticate you.

Fundamentally the solution to all this is that you should have a signin at least once (to get your identifier keys securely) but then every website should authenticate against your keys, not against a username and password, and it should be transparent so as long as you are logged into an "account" you have personal keys for that identity that correspond to all the other services you use.

Really, its how the desktop works, and it is how the web should work, since they are converging and all.