I have previously posted here about the perceived asymmetry of risk in OpenID between OpenID Providers and Relying Parties. I had given the example of the Verisign PIP service and how it allows for password reseting via email with no additional identity verification.
Versign let me know that I should have also mentioned that the PIP provider now supports two factor authentication via the PayPal SecurityKey (a OTP token). There is also newly added Information Card support at PIP that will have to dig into.
Another option for stronger authentication for OpenID is the client certification authentication option available for MyOpenID, which I blogged about a while back here.
It will be interesting to see if two factor authentication (or stronger authentication) becomes a factor in OpenID adoption.