This kind of change to core’s authentication handling (preferring certain authentication schemes, disabling some, etc etc) is excactly the kind of stuff I want to discuss in my session at DrupalCon ( http://boston2008.drupalcon.org/session/openid-and-identity-drupal-future-usermodule ) and work on for D7.

Great workaround for now though! :-)