Speaking as someone who works at a public library, I can tell you with
a fair degree of confidence that if somebody installs a keylogger on
a public access station, he's going to be able to collect much more
compromising (to the victim) and valuable (to the miscreant) things
than Perlmonks accounts. Of course, what he'll *mostly* get is a
bazillion free Yahoo and Hotmail accounts, which in general are going
to be worth precisely what the original owner paid for them. However,
I'm confident that any Perlmonks accounts collected would be cleanly
outnumbered by credit card numbers. Which do you suppose the attacker
will be cheifly interested in using?
The one-time-pad idea is a good one, for situations that warrant that
kind of security. I wish banks would use such a mechanism, for instance.
I have doubts about the need for such a thing on Perlmonks, though, and
carrying around the pad would be sufficiently inconvenient that I
personally would, for something like Perlmonks, just take the risk and
use my regular password. (Of course, my account doesn't have any
privileges that would be really dangerous to the site, so all I'd be
losing in the worst case scenario would be my own account; an account
with more interesting priveleges might warrant greater care.)
Sanity? Oh, yeah, I've got all kinds of sanity. In fact, I've developed whole new kinds of sanity. Why, I've got so much sanity it's driving me crazy.