[Discuss] KeePassX

[Rich Braun]

Chuck Anderson suggested:
> for "low value" passwords like web forums, just
> let the browser remember them.

I haven't let a browser remember passwords since the time I noticed that I
could retrieve (another person's) passwords by sitting at their browser and
invoking Settings -> Advanced Settings -> Manage Advanced Passwords -> (look
at each password complete with URL, username and plain-text password).

No thanks, browsers don't even provide a master cipher key.  I can sort-of
understand why, they cater to the lowest common-denominator user, but the
feature is basically useless as soon as you notice this.

Use a tool like LastPass, at least it keeps a master password and you can "log
out" of the tool when you want.  (Though if you're like most of us, you
probably leave such tools available in some forgotten browser tab and are
vulnerable whenever you walk away without invoking the screensaver.)

-rich