Both Microsoft and Apple (I think Apple does) have the option to encrypt those keys with the user's password where they are storing them.