Authentication does not exist in isolation from the rest of your app and infrastructure. This can mean that even if your authentication system is reasonably secure, weaknesses in other areas of your app can lead to your users being compromised.
In the last year, we did not accomplish the goals that I wanted to accomplish. We did not take the Mozilla project and turn it into a network-collaborative project in which Netscape was but one of many contributors; and we did not ship end-user software. For me, shipping is the thing