It's so difficult to track dozens of passwords in different locations. Syncing fails from time to time and you end up with collision correction avoidance syndrome.
Is there a single source of safe, online, commercial password storage anywhere? One that will be around for years to come and one that is truly safe enough to ensure protection?
Use keypass and store the database in gmail, live mesh, or what ever online file storrage solution you want. Then you can always get a copy of it for use assuming you have access to keypass which can be on a flash drive and an internet connection.
If you are really set on an online model, a few of my coworkers use Passpack, and they are pretty happy with it. I can't say yea or nay, because I don't use it, but it seems pretty secure and safe.
I've found LastPass to be a wonderful password manager for my personal passwords. Check out the feature list.
I'm still on a quest for the best (yet affordable) enterprise worthy password manager.
I wouldn't use one online. I would (and do ) use KeePass. On a side note you can check your passwords rough strength here
Bruce Schneier has Password Safe, which is secure enough for Bruce Schneier to endorse, if you care. It might be Windows only though. http://www.schneier.com/passsafe.html
I wouldn't advise using an online service as well. You have no guarantee that your data isn't accessible to others. If you're on a linux system, try Revelation, simple and straight-forward
Have a look at Yubico's Yubikey; it sounds like it might be what you're looking for. A Yubikey connected to a MacBook http://yubico.com/img/finger_key.jpg
http://yubico.com/products/yubikey/
It's default (i.e., designed) configuration is to be used as a one-time pad for two-factor authentication online, but it also has a "static password" mode which will output (the same) 64 pseudo-random characters when a little green capacitative circle is touched. Works as a USB keyboard so it's universal and works even offline. The random string static password can be changed any time.
A little over 30 $ and arrives in a regular 30 gram envelope (which I thought was too cool to be true) and in no time flat.
Honestly, all the tricks of keeping an encrypted file on a USB key are at once a massive hassle and mostly unecessary. All you need is a password with reasonable entropy that you can't easily guess or bruteforce. Enter Yubikey.
I'm developing some OTP online authentication applications with their API; it's pretty neat, actually. I can vouch for its physical sturdyness, too.
Clarification: I offered this as an alternative to online password storage, especially as it's API based and can be used online. Though, it could also act as a replacement for multiple passwords, if you were comfortable with that.
SuperGenPass might be your answer. It doesn't store anything, can be used from any browser, no accounts needed. It works by hashing a "master" password with the top two levels of the domain. I've chatted with the creator, he's a friendly guy.
From their site:
Being javascript it's had plenty of code review, It has a bookmarklet that's worked perfectly on 99% of the sites I've tried it on, and the occasional time it hasn't you can easily use the mobile version and copy and paste.
1Password is great (but then if you are a mac user you might be ok with just a keychain)
The simpler the system, the better.
Consider a password system that consists of:
So, given your master password is very long, fast to type and not found in any dictionary (e.g. Very12%Long91!Password86#EasilyTyped) the password you use at example.com would be a hash of a hash of Very12%Long91!Password86#EasilyTyped+example.com
There are browser extensions that can help you with this. It's slightly annoying to use this system on non-web systems that don't offer to remember passwords and you have to invent a scheme in case someone makes you change passwords every so often.
Of course, you can only enter your master password on trustworthy terminals.