On receiving a promotional email from developer @ salesforce.com, I decided to check them out. I had an user id, but had forgotten my password. Thereafter started my ordeal, they have diverse sites like wiki.salesforce.com, na5.salesforce.com, login.salesforce.com and many more...
Nothing wrong in having micro sites, in-fact it allows load balancing; But whats missing is single signon & co-ordination between the sites. Also wiki site login did not have forgot password link.
Its password retrieval process is also cumbersome. Amazon and Google have got it right and they Salesforce should learn from them.
Also I noticed a few JSP files, thus I presume they are using JavaEE infrastructure, so the question is why they haven't gone in for SSO?
The Salesforce concept is excellent and forward looking and gives Amazon and Google a good run for their money, but they need to catchup on OpenId and SSO. Maybe, they should look at Liberty Alliance for leapfrogging by using federated identity management.