Reply To: Multiple Passwords

[Jason]

My opinion is that it would be preferable to have the encryption password distinct from the website password although this was originally discounted on the basis of maintaining simplicity.

A potential solution would be to do what some large websites do. When the user wants to login they get emailed a unique link or a one-time code. This avoids the password dilemma entirely and can be further secured with 2-Step Verification.