johnozbay
commented
2 years ago Hi there, your question is incredibly general and vague, and I'm not entirely sure how it's relevant to the project's repository. So I can only answer this generally.
a) Your encryption key is not stored in the browser, it's only kept in memory during your session.
b) You can optionally choose to store / persist your key in the browser between sessions for convenience by clicking the "remember key" button. But in this case the question is not about Cryptee, but about your personal threat model, and how someone may compromise your device / browser directly.
I strongly recommend studying, exercising and coming up with a personal threat model. Once you have a clear personal threat model, I recommend checking out our threat model, where we discuss in detail, what Cryptee can and can't protect you from.
Best,
J
can an attacker steal the encryption key from the browser ??