What rubbish is this?<p>Does the author not understand entropy or probability?<p>Deriving an RSA key from the product of two memorizable numbers makes it brute-force-able, and sends us back to 1990s export controlled encryption strength.<p>Tattoo-ing a key on one’s arm (however ridiculous) would be better than the methods here.
In case one not digging into the source code, the key stretching here is PBKDF2-HMAC-SHA512 with 400,000 iterations (OWASP recommended 210,000).<p>The reason for not using Argon2 or scrypt is because PBKDF2 is native provide by Webcrypto yet FIPS-140 compliance.