Best practices for login pages?

Question

I am working on a single sign-on login page using Shibboleth that will be used for a variety of web applications. Obviously we would like to make this page as secure and usable

Answer 1

Realize that your user is going to spend all of 10 seconds on that page generally, it really doesn't matter what it looks like so long as it is obvious where to put your user ID and password. Other than that just don't be one of those sites that offers to email me my password if I forget it. At least let me believe that it's hidden in a nice salted hash somewhere where you can't retrieve it ever.