With mercurial 1.9.x, the keyring extension no longer works with repos containing subrepos. Normal operation (i.e, a single repo) is fine. When using suprepos, I'm prompted for my password once for each subrepo.
1.8.3 works well. I'm sticking there for now. I'm using the latest version of mercurial keyring (0.4.6), on a Linux (CentOS) box. Thanks for your help.