Been a mostly happy camper using PasswordSafe for a couple of years. With Dropbox it’s easy to sync, but no Mac version. Yes, Password Gorilla reads PSafe files, but it has the finesse of it’s namesake and is about as pretty.

The big issue is the crypto. It’s clear that PSafe is solid but, for other products, accurate info is so difficult to get, not to mention reliable reviews by crypto experts. Any one can say they’re an expert, or even write a pretty “technology” page for their product, but who knows? I’ve also been using FFox’s password manager with a master password, but now the LastPass install offers to turn off the “unsafe” pw mgr. If FFox is unsafe that’s good to know, but knowing why would be better.

I’ve got close to 200 entries in PSafe now, including a dozen or so financial logins. I am starting to use LastPass, but immediately there’s a problem: The conversion from PSafe includes dumping all entries to an *unencrypted* file, and then a cut/paste into a web form. Just at a time when serious design flaws have been uncovered in SSL/TLS.
http://www.google.co.cr/search?hl=en&q=%22ssl+flaw%22

Guess I’ll migrate this in two chunks: Financial logins by hand, then upload everything else. Also, I will definitely use Eraser to clean up the unencrypted file left behind and then track down the FFox pw mgr db and erase that also. Feels like progress…sure hope that it is.