I recently decided to upgrade my password policy to be more secure. My actual workflow is the following:

I use a set of "patterns" to build my passwords, depending on what the password is for, so that I can have different passwords everywhere that I can recover quite easily. But it's flawed in the sense that those password are "predictable". So I'm moving toward randomly generated passwords, managed via a keyring. This solution, while being more secure, require more efforts to deal with. Here are a few problems that need to be solved:

• Portability: it should be easy to carry with you, and work on different systems
  
• Security: this holds all you passwords, so someone getting his dirty hands on it should NOT be able to access it, at all costs
  
• Usability: you login to different services a lot everyday, it should be easy/quick to use
  
• Availability: you should not depend on the machine you're using to be able to use your passwords. You need a way to use it everywhere
  
• Reliability: you don't want your password keyring to be corrupted, as it will lock you out of everything
  
• Stupidity-proof: As for reliability, you'll probably want a sort of "backup" solution, in case your primary solution goes wrong
  

I did not found a solution to all these problems. So far, I imagined the following:

• Portability: plain text file, with one password per line and a hint for each password
  
• Security: encrypt the file with a modern algorithm (AES, Twofish, ...)
  
• Usability: a quick CLI program should be enough to grab passwords, and easily scriptable
  
• Availability: I'm not sure about this one. Make it publicly available via HTTP perhaps? no idea on how to sync it accross devices
  
• Reliability: add checks upon encryption, before replacing the file. Or maybe versionning it
  
• Stupidity-proof: Have it backed-up in plain text on an encrypted USB stick
  

What do you think about this system, would you use it yourself? If not, what would you do differently, or what would you improve?