Master Password Backup

iron_angel:

https://2of3.ente.com/ for the physical backup of master key

The problem with any scheme that requires you to import the master key is… it is no longer a private secret. For instance, when you “copy” the key, it is in the clipboard of whatever OS you’re using, and there’s no shortage of apps that monitor the clipboard. Take extreme care with secrets, and never export them from which ever silicon they’re generated on without “wrapping” them. In the wake of ubiquitous adoption of computationally strong & fast cryptographic constructions, the focus has shifted to compromising keys instead.

lyricism:

You would be turning a “something you know” factor into a “something you have” factor by doing that, which on its own is weaker than a properly random “something you know” factor

Passwords aren’t usually “properly random”. Besides, transitioning from “something you know” to “something you have” isn’t bad for security (password managers are firmly in the latter category, as are passkeys, which additionally have strict domain separation).

lyricism:

I strongly advise against writing down the master password itself

Kind of right. Absent access to hardware-backed vaults, it is okay to write down high-entropy escrow keys (or inputs that can ‘expand’ to 100+ 32-byte keys with a single random-seed & a high-entropy secret) that are revocable/rotate-able without fuss with the main password (which isn’t written down).