I should note that the answer I propose to the first question would only work for sites the user had logged into in the past, and that it would presume that the RP had kept track of which Identities the user previously authenticated with. -Shade