I still kick it old school with Bruce Schneier and his Password Safe:
Ports for non Windows / Linux exist, but Bruce says about auditing other code-bases... "Ain't nobody got time for that.".
I have a gpg file as well for my home stuff, but will probably switch to Password Safe for that as I use it at work and it will let you do safe imports from someone else's password file and merge changes. It gets rid of all that who changed what and when stuff by letting you decide what to delete. Kind of a pain to have to manually decide, but when dealing with others on shared account info, I think it will work out for the best :-)
Well, after all, We Must Protect Our Children From Terrorists.
So yeah, eavesdropping everywhere, but only for the well-connected. Yeah. That's it.
-Ensure the PCII document password is NOT included in the e-mail you've attached the PCII to
-Send the email
-Send the password to the protected PCII document in a separate email that uses a different subject line