Contrary to what password managers say, a server compromise can mean game over.

@dangoodin @tehstu

Likely fine for now, until the next server-hosted "not really zero knowledge" problem is discovered. Very likely, it already has been discovered... So you're down to hoping the discoverer isn't hunting you and your secrets in particular.

@erlenmayr @filippo

Network-attached HSMs protect adequately against theft of hardware that involves cutting power to the host, so long as the multiple parties required for unlocking the HSM at startup can't be coerced into doing so with an XKCD 538 attack on themselves or loved ones.