This is an idea I've come up with, though I'm sure I'm not the only person to have thought of it.
Wherever there are accounts, there are reports of scamming, hacking and stealing. On Facebook, people can have their identities nabbed or false statuses/etc posted under their name. On things like Habbo and Second Life, if you've put any money into them, your account is seen as valuable. If you follow some kind of notorious "get free credits/money" link associated with these games and give them your password, it takes one guy just a few seconds to empty your character of everything he or she has. On banks and PayPal... well, I'm sure the huge amount of phishing you've heard about, or even noticed through dodgy spam emails, has shown you how scammers are out to get your money.
So my idea for life for today is the Unpassword. When you sign up for an account with any website, you put in both a Password and an Unpassword. What exactly is an Unpassword, then?
The idea's this - if somebody tries to sign in with your username, and the Unpassword as the password, they get shit for it. It could be their IP on the site's blacklist, some sort of tampering to their computer, whatever you like and whatever would be most feasible (I have no idea what'd be best).
So what do you do with your Unpassword? Simple - if you ever get one of those spam emails, virtual life free-credit website things, anything like that, you don't give them your password. You give them your unpassword. They try logging into your account with it - they lose, and you could be notified when you next sign in (properly) that there was a dodgy attempt.
Especially for minor-league scammers this would be a massive deterrent. I'll use Habbo as a good example, as put simply, anything you scam off people in Habbo is only of any use in Habbo. Imagine every item/credit you'd ever scammed, locked out of your reach because you'd tried logging into someone else's account with an unpassword. Are you going to want to keep doing this? Heck no, you're not.
I'm sure high-end scammers would work their ways around these things, but the more they did, the more websites could pile crap on anyone that used an unpassword. After all, 100% of people trying to log in with it are doing it for negative reasons. It's not like the massively flawed thing you see on some sites where 3-5 incorrect logins place a quarter of an hour lock on the account itself.
That's my idea for the day anyway. If it's of any interest, my PayPal password is "saybyebyetopaypalaccess15".