Hey Davey, sorry for the delay--we had a big oak tree fall over in the community cemetery and getting it cleaned up and made into firewood is taking up my time and making me tired and sore.
Is this the Password Scrambler program you are referring to?http://www.onepassword.com/
If so I don't think very much of it. Mainly because it makes it sound like it can do something that it can't and is impossible if you think about it. You can scramble a password on your end, but how is the person (or server in this case) supposed to know what the password is if you don't register it beforehand? All that program is is a password manager that doubles as a form filler, much like RoboForm. I believe I commented on those earlier somewhere. This one seems to be more secure than RoboForm but many aren't and automating logins can cause more problems than doing it manually. Websites have to fight against automatic logins of spammers and other security concerns, so they won't always work and in these cases a "manual" login is quicker anyway.
I also think it leads to confusion on how password managers work. Password Scrambler's main selling point is that, instead of having the same password on many sites, you can have different ones but you only have to remember one password. That is basically what any password manager will do. The most secure passwords are long random ones--one or two of these you might be able to remember. But when you have more than that, all random, it is impossible to remember unless you are some kind of savant like Rain Man. So one aspect of a password manager is a memory aid. It lists your passwords in an encrypted file that can only be decrypted by the one master password.
It sounds to me like they are calling their password generator a scrambler. Don't confuse the two. All a generator is is a method of coming up with a random password. Once you get that, and enter it as your password when you register at whatever site, you have a secure password. Password Scrambler remembers these passwords and has them stored somewhere, and will attempt to fill in the password when you visit the site. If you store the random password in a "manual" PM like KeePass, you have to copy over the information in the forms to log in--also after entering the master password. So it's the same thing. You're entering a unique password for each site after entering a master password--it just takes a few seconds longer with a "manual" PM like KeePass. Nice thing about KeePass is you can use drag and drop so it makes it even easier than others.
In the Password Scrambler FAQ they recommend that you never copy to clipboard, implying that their way is more secure. However, KeePass, and other good
PM's clear the clipboard of your password after certain number of seconds--I think mine is set at 10.
I mentioned earlier that KeePass has its own password generator but implied it may not be so easy to use. Actually it generates a random password automatically when you create a new "record". How to set the characteristics of the random password is what is not so easy to find. To get to those setting go to Tools
, Password Generator
Well, time to go cut some more. Look KeePass over and decide if you really want it or a form filler or not. I think you can do more and more securely with KeePass. One other thing is you can make a database file just for your wife and the passwords she uses--with it's own master password. Also KeePass isn't dependent of your browser running, so you can store any kind of sensitive information in a relatively secure way.
Will post back as soon as I can.