I just read this article, CNN.com - Microsoft admits major 'Passport' flaw - November 3, 2001, that describes how someone was able to get someone else's MS Passport details through a fairly simple process. This is very bad. MS is banking on Passport, and more generally the .NET services, for their future vision. But security breaches like this will totally kill consumer confidence.