Why I don't set master passwords in programs
There are any number of programs and systems that store passwords for you, most prominently browsers with their remembered website passwords. It's very common for these programs to ask you to set a master password that will secure the passwords they store and be necessary to unlock those passwords. One of my peculiarities is that I refuse to set up such master passwords; this shows up most often in browsers, but I stick to it elsewhere as well. The fundamental reason why I don't do this is because I don't trust programs to securely handle any such master password.
You might think that everyone manages this, but in practice securely handling a master password requires a lot more than obvious things like not leaking it or leaving it sitting around in memory or the like. It also includes things like not making it easy to recover the master password through brute force, which is a problem that Firefox has (and Thunderbird too); see Wladimir Palant's writeup (via). It seems likely that other master password systems have similar issues, and at the least it's hard to trust them. Cryptography is a hard and famously tricky field, where small mistakes can turn into big problems and there are few genuine experts.
I have a few core passwords that I use routinely and have memorized; these are things like Unix login passwords and the like. But if I can't trust a program to securely handle its master password, it's not safe to use one of those high value memorized passwords of mine as its master password; I'm not willing to risk the leak of, say, my Unix login password. That means that I need to create a new password to be the program's master password, and additional passwords are all sorts of hassle, especially if I don't use them frequently enough to memorize them. Even having a single password that I used for everything that wanted a master password would be an annoyance, and of course it would be somewhat insecure.
So the upshot of all of this is that I just don't use master passwords. Since all of the passwords that I do allow things to store are not strongly protected, I make sure to never allow my browsers, my IMAP clients, and so on to store the password for anything I consider really important. Sometimes this makes life a bit more inconvenient, but I'm willing to live with that.
(The exception that proves the rule is that I do have a fair bit of trust in my iPhone's security, so I'm willing to have it hold passwords that I don't allow other things to get near. But even on the iPhone, I haven't tried to use one of the password store apps like 1Password, partly because I'm not sure if they'd get me anything over Apple's native features for this.)
I don't have any clever solutions to this in general. The proliferation of programs with separate password management and separate master passwords strikes me as a system design problem, but it's one that's very hard to fix in today's cross-platform world (and it's impossible to fix on platforms without a strong force in control). Firefox, Chrome, and all of those other systems have rational reasons to have their own password stores, and once you have separate password stores you have at least some degree of user annoyance.
PS: One obvious solution to my specific issue is to find some highly trustworthy password store system and have it hold the master passwords and so on. I'm willing to believe that this can be done well on a deeply integrated system, but I primarily use Linux and so I doubt there's any way to have a setup that doesn't require various amounts of cutting and pasting. So far the whole area is too much of a hassle and involves too much uncertainty for me to dig into it.
(This is another personal limit on how much I care about security, although in a different form than the first one.)
Walking away from Google Chrome
In the recently released Chrome 69, Google made a significant change to Chrome's behavior; logging into a Google site automatically logs you into Chrome itself under that identity, leaving you very close to having Chrome sync your local Chrome data to Google whether or not you really want it to. A number of people are very unhappy about this; see, for example, Chrome is a Google Service that happens to include a Browser Engine (via) and Why I’m done with Chrome (via).
new scripts to make invoking it as convenient as my existing script. My early experience is positive, and in fact the experience is clearly better than Chrome in two respects. First, I don't have my Chrome cut and paste irritation. Second, Firefox will offer to save website passwords for me in this profile; incognito Chrome quite reasonably never saves passwords on its own, so I always had to set them up by logging in once in regular Chrome.
(If I was really determined about this shift, I would change my of incognito Chrome. I'm not quite there yet.)
I'm under no illusions that Google will even notice my departure from the Chrome fold, especially since I use Chrome on Linux (which is already a tiny OS for Chrome usage). But it makes me happier to walk away from Chrome here, and I even seem to be improving my browsing life in various small ways.
(This elaborates on some tweets of mine.)
Sidebar: How I want to set up Firefox to discard cookies and history
(Perhaps Firefox's private browsing would remember passwords if I set a master password, because that option is not greyed out, but in practice I don't do that for reasons beyond the scope of this entry.)