Security of Password Managers
There were two papers studying the security of password managers:
- David Silver, Suman Jana, and Dan Boneh, "Password Managers: Attacks and Defenses."
- Zhiwei Li, Warren He, Devdatta Akhawe, and Dawn Song, "The Emperor's New Password Manager: Security Analysis of Web-based Password Managers."
I would recommend a password manager to solve the very real problem that any password that can be easily remembered is vulnerable to a dictionary attack. The world got a visceral reminder of this earlier this week, when hackers posted iCloud photos from celebrity accounts. The attack didn't exploit a flaw in iCloud; the attack exploited weak passwords.
Security is often a trade-off with convenience, and most password managers automatically fill in passwords on browser pages. This turns out to be a difficult thing to do securely, and opens up password managers to attack.
I specifically recommend that an ideal password manager not fill in passwords automatically. I specifically need it to be a standalone application that allows you to choose longer and stronger passwords and store them. The fast way to transfer a password from Password Safe to a browser page is by using the operating system's cut and paste commands.