Passwords will be allowed to have arbitrary length

Passwords should be bound to the web service with which they will be used

The passwords will reside encrypted on the server

Only the user will be able to encrypt/decrypt passwords

The encryption should allow multiple passwords to be associated to a web service

Passwords will be encrypted so that compromise of password will not affect future encryptions of new password