All good, valid points. There's really no situation where it's completely impossible for keys to ever get stolen. I will say that the extension purposely never stores the owner key or master password for accounts, so if there were to ever be a hack, while that would certainly be bad as active keys and liquid funds could be stolen, it's a much easier situation to recover from since you can just change your keys and not have to go through the account recovery process.
I believe this is still more secure than the system being used now where if any of the sites into which people are putting their keys are hacked, many master passwords will be stolen.
Much more secure indeed in this era of middlemen. I just wish browsers had a much heavier emphasis on security in order to facilitate these tasks with the biggest convenience:security ratio.
Posted using Partiko Android