We could always add a seperate part to the login where you pick an item (previously chosen via your preferences) from a group of items. The items would be shuffled every page load so your item would always be in different positions rendering a keylogger and sniffer ineffective. Seems pretty high security that no other websites includes banks even bother with ;) It could still be a fun side project though.

For those who can't picture it. Say we pick 10 words. Each word is displayed on the login page as a radio button. The radio buttons values are randomly picked and the correct one (associated with the correct word) is stored on the server in the user session. When the user picks one it compares there password and word with the session to see if they match. Sniffing would do no good because the values sent back and forth each time would change and have no meaning. A slightly more complex twist would be for each user to have a rule like I pick the word starting with an a, you pick the one with two ee's etc. Anyway it all seems a bit of overkill but that doesn't mean it wouldn't be a fun project! ;)