I definitely agree on the password management recommendation. It's practically impossible to pick secure, unique passwords for each site that you have an account on -- and then remember them later!
The 1Password generator seems useful. This is similar to OneLastPass (http://www.onelastpass.com
), which I've been using for a while now, except that OLP extracts the password rules from sites automatically in order to create the most secure password that the site will allow. Also, OLP doesn't store the password or login information anywhere, but just re-hashes the master password with the URL every time to deterministically regenerate the password.
From a security standpoint, I think this is even better than LastPass (from which they obviously ripped the name!), since the latter stores the login/passwords on it servers. The risk of this is pretty apparent, since their servers were hacked last year (there's a summary on Wikipedia).
BTW, squid, I totally agree about the sites that disallow pasting of passwords. Even worse are sites like TradeKing that force you manually punch in your password using their onscreen keyboard!
Anyway, thanks for the insightful article.