I keep the Dropbox pwd in the PasswordSafe, just like all the rest. ;-)
I use Dropbox just to sync the file; I wouldn't need to login there to access it in the event of a loss because I have other copies.

From Bruce Schneier today:
https://www.schneier.com/crypt...

There are two basic ways hackers can get at your e-mail and private documents. One way is to guess your password. That's how hackers got their hands on personal photos of celebrities from iCloud in 2014.

How to protect yourself from this attack is pretty obvious. First, don't choose a guessable password. This is more than not using "password1" or "qwerty"; most easily memorizable passwords are guessable. My advice is to generate passwords you have to remember by using either the [Diceware password] scheme or the Schneier scheme, and to use large random passwords stored in a password manager for everything else.

Second, turn on two-factor authentication where you can, like Google's 2-Step Verification. This adds another step besides just entering a password, such as having to type in a one-time code that's sent to your mobile phone. And third, don't reuse the same password on any sites you actually care about.

You're not done, though. Hackers have accessed accounts by exploiting the "secret question" feature and resetting the password. That was how Sarah Palin's e-mail account was hacked in 2008. The problem with secret questions is that they're not very secret and not very random. My advice is to refuse to use those features. Type randomness into your keyboard, or choose a really random answer and store it in your password manager.

Just to update the discussion, on March 15, Bruce Schneier's newsletter contained a mention of the same advice described above:

"First, don't choose a guessable password. This is more than not using 'password1' or 'qwerty'; most easily memorizable passwords are guessable. My advice is to generate passwords you have to remember by using either the XKCD scheme[*] or the Schneier scheme, and to use large random passwords stored in a password manager for everything else."
https://www.schneier.com/crypt...

* Note: The "XKCD scheme" is more of a vague concept than a true system and could be done in a way that results in a not-very-secure password. A more rigorous system based on the "XKCD scheme" is described by Diceware passwords: http://world.std.com/~reinhold...

The beauty of a reputable password manager (e.g., PasswordSafe) is that the password database file is protected with strong encryption and a master password. Therefore the file can be copied many times and saved/shared anywhere, even publicly. You can back it up on USB sticks, cloud storage, even post it on a URL of a domain you own. I have many offline and online backups that I keep in various places in case of a data loss. (External hard drive backups, cloud backups, safe deposit box.)

Also, as I noted, sync tools like Dropbox are very useful for keeping the current version of your password database file available on all your devices.

HAH! We were just talking about this on the Ask Slashdot thread about password generators.

YES, password composition rules are bullshit!

EVEN WORSE, are website that block you from pasting in your password. This again penalizes the ideal security model... you are pasting in a long and ridiculously hard to type random password from a password generator.

ALSO BAD, websites that have short password length limits and/or can't support certain characters. All these require workarounds again for password generator users.

Small plug for PasswordSafe on this point... they include a keyboard that allows you to avoid putting the password ever on the clipboard for this reason.

http://world.std.com/~reinhold...
"Entropy of 64.6 bits is breakable with a thousand or so PCs equipped with high-end graphics processors. (Criminal gangs with botnets of infected PCs can marshal such resources.)
77.5 bits may be breakable by an organization with a very large budget, such as a large country's security agency."

And, as someone else noted, this is based on TRUE RANDOMNESS. Everyone I referred to was using the opposite of a random generation scheme; they were describing a decidely specific and NONRANDOM method for generating a password that *looked* random:

https://treskal.com/kha/blog/2...
How Much Entropy in That Password ::
"This means that there are two ways to make a secure password: use a template the password crackers don’t know about (or don’t bother to try, because so few people use it for their passwords), or use any old template and feed it with enough random bits. The former strategy relies on outwitting smart people who spend much of their time coming up with better ways to crack passwords; the latter just takes more coin flips. It’s security by obscurity vs. real security."

Admittedly, 30 is overkill. =) But you know it's enough! And the beauty of a password manager is that it's no additional cost or effort or difficulty to generate a 72 character or 30 character password versus a 5 character one. You just click a button. And you never have to type it; you just paste.

Thank you for the Schneier post. That was a very interesting read. I included the XKCD comic to explain the critique of pseudo-random password templates, and I noted that Schneier linked to an article that explained very eloquently the point I was trying to make about using the weakness of using elaborate "templates" to generate random seeming passwords:

"This means that there are two ways to make a secure password: use a template the password crackers don’t know about (or don’t bother to try, because so few people use it for their passwords), or use any old template and feed it with enough random bits. The former strategy relies on outwitting smart people who spend much of their time coming up with better ways to crack passwords; the latter just takes more coin flips. It’s security by obscurity vs. real security."

Then, Schneier recommended the use of his own tool PasswordSafe to generate random passwords, as did I. So far, we are on the same page. =)

Finally though there is the question of how to generate a good, secure master password for your password manager. Note that I did not include XKCD in order to recommend their passphrase generation method! (This is the method that Schneier criticized.) Instead, I included a link to an article about Diceware passwords. Diceware uses the philosophy just described in the snippet about whereby even if the attacker knows you used it, there is still too much guaranteed entropy for them to successfully attack it.

For metrics on the *lower bound entropy* (thanks, Schneier) of Diceware, here is a link:
http://world.std.com/~reinhold...

"A five-word Diceware passphrase has an entropy of at least 64.6 bits; six words have 77.5 bits, seven words 90.4 bits, eight words 103 bits. (Four words only provide 51.6 bits, about the same as an 8 character password made up of random ASCII characters. Both are breakable in less than a day with two dozen graphics processors.) Inserting one extra letter at random adds about 10 bits of entropy. Here is a rough idea of how much protection various lengths provide, based on updated estimates by A.K. Lenstra (See www.kelength.com). Needless to say, projections for the far future have the most uncertainty.

        Five words are breakable with a thousand or so PCs equipped with high-end graphics processors. (Criminal gangs with botnets of infected PCs can marshal such resources.)

        Six words may be breakable by an organization with a very large budget, such as a large country's security agency.

        Seven words and longer are unbreakable with any known technology, but may be within the range of large organizations by around 2030.

        Eight words should be completely secure through 2050."

Not random... permuted off a common root structure.
I should have been clearer, meaning these schemes "look" random at a glance.

This is interesting to me because of the addition of the hash process. Otherwise, since you must reasonably assume eventually some of your passwords will be compromised in plaintext, your homegrown password generation routine would be relatively trivial to solve for anyone targeting you individually.

Yes. Very good context to add to the discussion.
Passwords are only one layer of the overall picture. Password managers are an excellent solution to operate securely *at that layer*.
But in the larger context, there are still huge vulnerabilities.

Yes, and not only is the clipboard at risk, but the entire decrypted contents of your password manager are in RAM at some point.
If your platform isn't secure, your passwords aren't. PERIOD

BTW. Use full disk encryption. Practice safe computing. Hope you aren't targeted by a nation state.

I can totally understand that sentiment.
And yet the idea behind the strong encryption used to secure the psafe3 file is that, as long as your passphrase to secure it is strong, this file is as good as worthless even to someone who has physical access to it.

Absolutely!
I didn't mention it, but full disk encryption is employed on all my devices.
Security requires a consideration at all layers. You are correct.