Security end-point in human brain

The danger of that approach, of course, is that a site owner (or a hacker who 0wn5 two or more sites where you registered) can read your password (and probably it’s based on a fairly simple - otherwise you couldn’t remember the rule - formula that takes into account the domain name and/or your email account or username) and then attempt to deconstruct your formula before he heads over to Gmail, Hotmail, HSBC and few other sites where you probably go.

Related to this topic: approaches based on shapes/sign recognition seem nearly as secure as complex multi-word pass phrases. The problem is how to prevent webcam and screen monitoring. Unfortunately some sort of h/w device seems to be necessary for proper protection on shared devices. I say unfortunately because it’s so annoying and also expensive.
For example, http://www.bitcointrezor.com/ came out. It’s very nice, but like I said I dislike the idea that this thing costs me more than to own a bank account (so much for low cost cryptocurrency accounts). I won’t even ask what happens if you lose it, but it’s probably OK to ask what happens if it breaks?