[phase_9]

So store it in Dropbox and have a copy on a USB Key you carry with you (along with a portable version[1] of Keepass)

Also, on the same subject, it's the "all you need is your memory" bit that makes me smile. If you could rely on your memory then why would you need to have these hashing functions in the first place? (:

[1] http://portableapps.com/apps/utilities/keepass_portable/

[icebraining]

So store it in Dropbox and have a copy on a USB Key you carry with you (along with a portable version[1] of Keepass)

If I'm at a cybercafe somewhere, there's a high degree of probability that it won't let me just run some untrusted binary from my USB stick or the web.

Also, carrying an USB stick still defeats the point of being able to recreate them with nothing. I've lost more than one USB stick in my life.

Also, on the same subject, it's the "all you need is your memory" bit that makes me smile. If you could rely on your memory then why would you need to have these hashing functions in the first place? (:

If you can't rely on your memory, how will you know the master password to open the Keepass container?

Simply put, it's hard to remember a password for each and every site, but it's easy enough to remember a single algorithm (plus a master password) for all of them.

[fr0sty]

> If I'm at a cybercafe somewhere, there's a high degree of probability that it won't let me just run some untrusted binary from my USB stick or the web.

1. You shouldn't be typing in high value passwords at <random cyber-cafe>.

2. You can get KeyPassDroid for your smartphone.

3. writing your master-password down somewhere may be useful to your next of kin.

[icebraining]

1. I don't use this system for high value passwords - I have only four or five of those and I can memorize them (and keep a written down copy in a safe place).

2. I don't have a smartphone

3. Not really, due to (1).