Originally Posted by Timmmy
How can I be assured that the encryption is implemented properly?
You can't really until you can see the source code of the implementation they use and be able to determine that their algorithms are sound. What you can do is use a program that allows you to relocate the program's database - 1 password has this feature:http://help.agilebits.com/1Password3...ox_on_mac.html
You can then move the database onto a read/write encrypted disk image (but again, you have to trust that the encrypted disk image developers implemented their algorithms correctly too). I would expect that even if the encryption implementations in some programs are flawed, they will still provide adequate security. They are only as secure as the password you use to encrypt them anyway.