Ask HN: where to keep passwords
2 points by awongh on April 22, 2010 | 11 comments
Right now my system for keeping passwords is terrible and unorganized. I'd like to know what the best and most secure and also accessible way is.

I'm talking about personal passwords too, but mostly I'm thinking about work passwords. Your client's hosting or domain registrar password, the system db admin password, your basecamp password, etc., etc. You can't remember them all, so what do you do so that they're secure, but you can access a system when you're not in front of your main machine? Or instead of a super-mega secure bunch of passwords (that you change regularly, like they say you should), is it better to have a single (or a couple) secure one(s) you can remember, then not have to keep anywhere?

Better to memorize 3-4 master passwords. I heard about the KeePass password management utility but never used it.

A new authentication device will be available later this year - based on Hitachi's Finger Vein imaging (VeinID) and fingerprint identification technology.



+1 for 1Password. It also can generate difficult passwords for you, so you're not even aware of what they are. Add private sharing via Dropbox and your secure passwords are with you on every machine.


"private sharing via Dropbox"

Wouldn't that expose your passwords to a prying Dropbox admin? I don't use DB, so I'm not sure whether you generate your own key to encrypt data at rest.


Your password archive is encrypted at rest with a passphrase that you set. Even if you got my password archive and you had 1Password you'd still need to crack the master passphrase before it would be useful.


This looks like it has some really nice organizing features, but it looks very proprietary... and it doesn't seem like there's any data portability, which I would think might be important for data like this.


$ nano passwords

<enter all your passwords here>

ctrl+x y

$ gpg -c passwords

and you have all your passwords in a password protected and encrypted file. To decrypt:

$ gpg passwords.gpg


Sounds ok. Does the -c mean that I don't need to make any keys, like if I look at the file on another computer?


Yes - it's just password protected and encrypted with the passphrase you use when gpg asks you. All you need to open the file on another computer is gpg and, of course, the passphrase used.

Even better - when you need a certain password you can do:

$ gpg -d passwords.gpg | grep yradunchev@mail.me

and you will get the password for that mail account only, and the entire encrypted file will stay encrypted and will never be saved as a plain text file on the system you are using at the moment.


Of course you need to keep this file in a secure place as well, because if you don't need keys, then anyone in possession of the file can brute force the password, right? (This assumes that the password you've chosen isn't random w/ non-alphanumeric chars, too long, etc.) ...then that requires another password for Dropbox, etc. It never ends if you start to get paranoid, I guess.


Yeah - if you start to get paranoid you will end up in a mental institution :)

No, seriously, if you choose a good 'primary' password it's ok. Choose something around 10-15 chars and use digits, caps, smalls, special. But do it in a way that it's easy to memorize. There are plenty of papers on how to do this around the net. But in short (and a very paranoid way to construct a password):

1. Get a phrase that is meaningful (for you at least);

2. Get the first letter of the first word, the second letter of the second word, the third from the third, etc. If there is no fifth letter in the fifth word, use the last one;

3. Substitute some of the letters with look-alike digits or chars: A for 4, a for @, l for 1, e for 3, s for 5, g for 9 etc etc;

4. Make the second, fourth, eighth (or first, third, fifth) chars uppercase (if they are letters);

5. Done.

It sounds complicated but it isn't. It's easy. And soon enough you will be able to construct such passwords in seconds in your mind. :)

Example:

'Someones screaming my name, Come and make me holy again, Im the man on the silver mountain'

1. Scyeedeeynmennern

2. sCyeEdeeYnmenNern

3. 5Cye3deeYnmenNern

Not a very good example because of all these repeated characters, but you get the idea. You can memorize it just by singing Rainbow's 'Man on The Silver Mountain' to yourself :)

And don't get very paranoid. If you want to be very very very very secure - use a retina-scan device or DNA tests before you give access :)
