Web Site ID/pwd mangement
"...multiple email addresses for user -- three at a minimum"
This is something I identify with. I currently keep about 10 email accounts active for various uses. I even have a junk email account I rarely check for the web sites that must know my email and which I would only visit this one time.
The advice of telling users to keep different passwords for different web sites is simply lousy. Between my various accounts, I have around 500 web sites that want an ID/password. There is no way I would remember all of them, nor would I care if most of them were hacked. The password manager I do use to keep track of more important ID/passwords does not interface with browsers. The idea of allowing an all-important master password running around the net encrypted or otherwise doesn't sit well with me.
I also have profound disappointments of how OpenID technology turned out. OpenID is integrated into most services like Yahoo, Google or Facebook. There are no more independent companies that could just be the arbiters for the ID/profile information without ceding data access control to the likes of Facebook, Google, or LinkedIn as the web site in question. Until there are platforms for consumers/ internet users to become the guardians of their data, we will continue to have this hodgepodge of user data/password security problem.