This is a fantastic idea; I started to implement something like this about a year ago, but never got very far. This is the true way to implement password security; A generated token based on website, username, and a private key stored only in your head.
