by ZenoArrow 4268 days ago
Exactly. Ironically it's good advice for master passwords too.

I use a password manager, but we should recognise there is one prominent issue with them, in that they create a single point of failure. The article suggests that the strength of algorithms like scrypt will keep you safe, but that doesn't stop low-tech hacking methods (key loggers, shoulder surfing, etc.). We should be looking at using master passwords in conjunction with hardware dongles, if we really care about maximising security.

1 comments

And possibly a handful of master passwords (and a handful of dongles) of various levels of security. I'd rather not unlock my bank info every time I want to log into Facebook.
This is a good point, and one I've wondered about since using LastPass. Having a segmented password safe would be nice for more secure accounts you use less often. I definitely wouldn't like to leave my password safe open in, say, a library.