fantastic. any application that has a password should also provide a method to generate a few one-time log-in urls that one could use from untrusted computers/environments. These uris could be issued with different privileges: e.g. for email, providing just access to the data younger than maybe two weeks.