I don’t know the passwords to the containers, just the passwords to the keychains. The keychains unlock the containers.

I don’t travel with the containers unless I have to; and if I do have a need travel with the data, then I fedex the keychain to the destination. I can’t be compelled to disclose a password I don’t know, thwarting would-be interlopers.

The upshot of this mechanism is that the passphrases used to secure the containers can be arbitrarily complex and unintelligible — since I don’t have to know them, let alone remember them, they can be of ridiculous strength.

The downside is that an interloper presented with the data but no key might be inclined to make things very unpleasant…