> Oh, and is anyone out there interested in implementing a password  
> manager that stores passwords *outside* of an image in a 
> reasonably secure location?

I have been working on this very problem for the last few months and have (what
I think to be) a very nice solution which I call "KryptOn".  

For best results, "passwords" (more correctly, private-keys) are intended to be
stored on one of those USB microdrive devices.  My wife just bought me this one
for anniversary gift:

   http://www.knifecenter.com/kc_new/store_detail.html?s=VN53975

KryptOn can be leveraged by any program to provide highly-transparent security
based on the principles suggested for Croquet at 

  http://minnow.cc.gatech.edu/squeak/3770

and it never leaves your passwords exposed in a saved image; it first
overwrites the bytes and then dereferences them during #shutDown of the image.

I have put some information about it on the Swiki:

  http://minnow.cc.gatech.edu/squeak/5785

Questions or comments are very welcome.

 - Chris