Password security

isofa

Unless you actually have some active spyware on your system, logging keypresses etc, it's very unlikely you'll be the target in a related manner as you speak about.

Make sure you keep your anti-spyware and anti-virus up-to-date.

The more likely scenario is for people to log into a phishing website (a spoof website that looks identical to the bank you are using) - then entering your details, this is far more common, then the bad guys then have your account and password. Hence always type in the URL / address of the site yourself and always look at the address in the address bar to make sure it isn't something weird but is the real address of the organisation you are logging into.

The great thing about KeePass is it doesn't store anything on the host PC (if you run it from a USB key). I'm in the industry like Matt, and it is one of the best products in my opinion.

The reason for asterisks is to stop someone looking over your shoulder and copying your password. As long as you are logging into a secure site, padlock in the corner of your browser, and https in the address rather than http, everything is encrypted over the connection between you and the site you are using.

Finally to be more secure, use FireFox and download the NoScript plug-in, then only allow sites/scripts you are sure are safe.

frivolous_fay

I like Egg Money... I think it's similar to some other systems above. It remembers banking passwords and login info for you.

Obviously you want to be confident in your computer security first. (And check that your bank's T&Cs don't forbid it, some do)

ormus

http://news.bbc.co.uk/1/hi/technology/7090096.stm

i use a simple password for sites like MSE. but more complicated ones for banking and ebay etc... that way i only have to remember about 4 x PW.
i agree that the more secure ones need to be a word not in the dictionary and also should have some numbers in it somewhere.