Best practices for login pages?

Question

I am working on a single sign-on login page using Shibboleth that will be used for a variety of web applications. Obviously we would like to make this page as secure and usable

Answer 1

A useful tip for come circumstances: You can disable client-side password saving by adding autocomplete="off" to the password field.

That doesn't work on all browsers (if I remember, IE 6+ and Firefox 3+)