We are rolling out an intranet AD-auth password store after increasing numbers of us have started using keepass and one or two other password stores in work. This will really help educate users on the practice of having stronger, more varied passwords.

I have one password that I use variations of for most day to day things, but then I randomly generate passwords for sites where security is more important and these all go in keepass. My keepass has a passphrase and key to access it with the database file and the key stored in dropbox folders. I'm a bit paranoid about passwords so I often play coy about naming where the login is for so that even if someone cracked the database files (which I worry about with a program where the code is downloadable and interragatable) they still would have to work a fair bit to match the logins to the right site and all my banking sites have a further auth step which isn't ever stored on my keepass.