So I think I have mentioned this before - but even the best of us can fall apart on security by accidentally entering our password on some dodgy phishing site. I did not too long ago but immediately realised my mistake and changed my password before any damage was done.Anyway, I was thinking as an optional feature to incorporate a challenge-response security check. Sure it uses an extra second seconds of server power, bandwidth and our time but as I said, it's optional for those of us who loads our account with thousands of dollars a week or vendors who may have large amounts of bitcoins stored.So how would this work? Simply add a box where a user can paste their public PGP key and the SR server will save this. Now, when you log in using your username and password, you will be taken to a 2nd screen whereby a random 16 character string will be encrypted with your public key and the SilkRoad key. All you have to do is open your PGP and decrypt this string then paste it into the box provided to complete the security check - just like when online banking asks for security answers or additional checks but of course only you have your PGP. In some ways this means I could freely hand out my password and I wouldn't be at that great a risk (not that I plan on doing so but you see my point).Again I reiterate, this is an opt-in feature where those of us who are very paranoid will take advantage of it and those who don't have PGP established or feel this is a waste of time are in no way obliged to use it.