Reply to post: The most relevant comment in the article

Password managers may leave your online crown jewels 'exposed in RAM' to malware – but hey, they're still better than the alternative

Giovani Tapini

The most relevant comment in the article

is the one that says security of your passwords is not an issue until you open the password manager that uses them...

Ultimately you can throw layers of defence around access to your machine, its services, the OS, etc. etc., but as soon as data has to be used or seen it is at risk. This suggests that the only safe data is that which is never accessed and not accessible. Otherwise there will always be threat vectors.

I would like to think that these tools will be fixed where the entire password catalogue is stored in plaintext, and they are decrypted on demand. But decrypted they must be while systems are accessed in a way where credentials must be entered. The benefit of this is that I own my own credentials (albeit with described risks) whereas with a lot of the alternatives you have to trust someone else and their own infrastructure to manage your identity for you.

Big Brother or incompetence could make this more catastrophic than the loss of individuals' credentials if they happen to be the one unlucky enough to be compromised. Bearing in mind the general public don't even seem to care about being compromised unless it slows down Facebook too much, we, although right, are not barking up the right tree.
