Warning: pre-release, unaudited, not for production use. (Though my password was generated with it)
Instead of saving secrets, it derives them on demand using domain + username + a short passphrase + a physical OpenPGP key (smartcard/YubiKey).
Passwords are reproducible but never persisted.
Currently tested only with RSA4096 on Windows + GnuPG 2.4.x.