alt Hacker News> At minimum, a credential manager distributed for wide use should encrypt exported/copied keys with a user selected secret or user generated key.
What should happen if the developers refuse to enforce this?
> At minimum, a credential manager distributed for wide use should encrypt exported/copied keys with a user selected secret or user generated key.
What should happen if the developers refuse to enforce this?