I have always been suspicious of the all-in-one-basket approach. Anything has the potential to be hacked; your best defense is limiting the damage.

and keep digital copies on current and retired iphone and an ipod touch and my current and old laptop. To update, I sync only from my laptop using my protected home wifi.

I'm pretty good with passwords, but I can get tripped up when a site's requirements (must use a number/cannot use numbers, for example) force me to modify what I'd originally intended to use. And they *never* list those requirements on the sign-in page, where it might help me remember.

It allows lots of features, including password generation, that I do use for really sensitive (banking) sites.

which you probably already thought of.

The same person who told me he used the password manager under discussion also gave me the advice to have a *really* good password for the email address that can reset your other passwords.

I'd add to that, "don't store it anywhere except in your head and/or a very secure location," which is what I do, but....

Now that I think of it, I'd also add to make that address something not obviously connected to your identifying information.

Man, I wish this OP had gotten more recs. I can't help thinking a lot of people are just an accident waiting to happen.

It's pretty unlikely that any will be broken before they're changed.

And you're probably right. I'll still take my individual passwords, though.

Like what they say about deterrence, not total prevention, for burglary and car theft.

It's not nearly as bad as the CNN article makes it sound like.

In that case the hackers don't actually have access to the master passwords which are encrypted. In theory if the password was previously disclosed and thus the encrypted hash result is already known.

Is Texas the new frontier?

That would be nice! Then we could throw the rascals out. ;->