With OPSEC more and more of concern to ordinary people, a few features would make Codebook even more outstanding. These ideas are in response to passwords being demanded in more situations (crossing borders, during police activity, by employers, etc). A journalist friend was talking about the issues she faced with keeping things safe and organized, which led to some brainstorming.
“Plausible deniability” alternate passwords, ala the old TrueCrypt partitions. This would allow multiple encrypted collections within Codebook. If you enter the password for one, it only shows you the contents for that collection. That way, if, say, border guards demand access so they can see your social media history, you provide the password that unlocks the collection with only social media accounts that focus on innocuous topics. It’s not obvious to the inspecting party that there are other collections (obviously, this would not stand up to code-level analysis, but it’s to defend against most of the situations that arise).
Purge/restore collections. Records can be tagged as sensitive. Sensitive records can be exported to a external storage which also removes them from Codebook. They can be re-imported at a later time. If the purge/restore worked on arbitrary tags, it would enable you to carry only the passwords appropriate for your current job, thereby minimizing exposure.
Time-lock/“dead man switch”. If you have not accessed your passwords in a given timeframe, the data will be wiped from the device. Perhaps this would be selectable to apply to only certain records or categories.
(Disclaimer: I’m not an expert. I haven’t though these through in a seriously detailed way, and someone who knows more about OPSEC should probably vet the ideas and validate whether they make sense.)