I hope there are some security-minded folks that can reply with practical suggestions. I've become increasingly nervous over time about the security of the data on my laptop (mostly financial) and online information via the myriad of username/password combinations that are used for everything from e-mail, Facebook and eBay to investments (401k, bank, etc.). For the former, what I've found so far in my research suggests that most things you do (pehaps the simplest is an HDD password) are rather trivial to circumvent and that encryption is about the only real choice. Thus, I'm considering using a software encryption application (e.g. TrueCRYPT) to create an encrypted container on my hdd were I can store sensitive files. 1. My first question is whether using encryption software is really worth the effort (i.e. what degree of security does it really add?). 2. Second question is how on earth to come up with a decent password you can remember without writing it down somewhere (which would defeat the purpose). TrueCRYPT recommends >20 random upper/lower case letters + numbers + special characters. For the second issue (how to manage user id's and passwords), I suppose I could arrange them very nicely in a spreadsheet and store the sheet in the encrypted container on my hdd. I've also seen specialized password manager applications that appear to do the same, but I'm guessing you need a strong password to get to your passwords. I almost see this one as more important than the first, particularly because of direct access to $$. The biggest mistake I can imagine is having a neat list of user id's and passwords on my laptop that if obtained opens the doors to everything. Right now I have a mismash of memory and written hints in various places that probably isn't very secure at all. Sorry for a bit of a ramble, but would appreciate some sound advice. Thanks.