>But you do have to worry about the host company going out of business.
Right, or other failures! Years ago my website was hosted by Time Warner Cable, I lost the original files in a hard drive crash but had never worried because good old TWC had them. Then TWC did an "upgrade" - guess what happened?
My experience with peers (and myself) is that leaving clues to passwords is a dangerous exercise. What is an obvious clue today is meaningless in a year. Even worse are the people who arrogantly state that they've selected a password there is no need to record because they'll never forget it. "I told you that you'd forget it" isn't a very satisfying refrain when somebody is stuck. I think that the problem has become much worse in recent years because of password "rules". You start out innocently with "mine" but then the rules call for 8 characters so you use "password" then they require an upper case character "Password" and a number "Password9" and a special character "Password9&" and then they require monthly changes and don't allow repeating elements and your password is "Jones&July". So I ask you which of these was the one that you opened your Google account with 11 years ago and which was your new November, 2012 Facebook account. It simply isn't possible to remember.
OK let me ask you this. Is it safe to keep passwords on a password-protected thumb drive and paste them in or to type them in? One option is to not put passwords on the tumb drive but to leave clues that only you would know. But, you run the risk of forgetting passwords anyway.
Good advice - with the key observation that the external disk drives must be in a different location from the computer (which then poses a logistical issue regarding how the backups are accomplished if they're not on the cloud and you don't commute 800 miles (as I do) and have one at each end of the commute. The password advice I find challenging. With over 400 passwords, a password is being changed all the time. Other than commuting to the safe deposit box, it isn't possible to keep that list current. Software solutions, of course, have security risks and may fail at the worst possible time (as I've seen).
Yes, the personal cloud systems advertising misses an extremely important point: meaningful backup. If your building burns down, your computer and the external disk drive go together. Likewise, when your computer is stolen, the external hard drive usually goes with it [I've heard of a sickening number of cases of this.] There is effectively a single point of failure. The big advantage of the Internet Cloud (when it is accessible) is that it persists even when your local hardware is destroyed or stolen.
My philosophy is triple redundant backups: two physical locations located hundreds of miles apart have large hard disks where I backup my computer and then the Internet Cloud keeps a third copy which is accessible from "anywhere".
I like to think that hardware failures (hard disks always fail eventually) will occur one by one and I'll have time to build a new backup before the files are lost everywhere. The Internet Cloud is supposed to be internally redundant but I've seen some serious glitches in the software (one wiped out 365 daily backups - fortunately at a time that they were not needed).