OpenID is still as insecure as every other password-based authentication method out there. In fact, it is even worse because if someone gets access to your OpenID, they have more than just that one account now. Of course there's also phishing attacks, but we're all savvy programmers, database and system administrators, so we wouldn't fall for such things, right?
Authentication security is based on trust. As others pointed out, why would you trust a third party to potentially sensitive information? Sure, you can set up an OpenID server yourself, but how much hassle is that vs. maintaining separate passwords on multiple systems? Sure, you can create secure passwords that are long and full of non-alphanumeric characters, and even store them all in a password manager (I do), but some sites are flawed in that a simple password recovery form can be filled out to gain access to reset the password.
I would probably be inclined to support and even evangelise OpenID if it did secure private key-based authentication, a la SSH or PGP. Maybe that's a matter of a provider offering such a method - I haven't looked into it [yet].
Finally, while we all trust OpenID enough to use it to authenticate on Stack Overflow, my OpenID is a "throwaway", and its not like I'm using this as a professional reputation building tool (ie, my real name isn't involved ;-)). I'm sure I'm not the only one (as cool and awesome as this site is!).