## A note on Password Protected (Encrypted) Profiles
Profiles are stored locally on disk and encrypted using a key derived from user-known password (via pbkdf2).
Note that once encrypted, and stored on disk, the only way to recover a profile is by rederiving the password - as such it isn't possible to provide a full list of profiles a user might have access to until they enter a password.
See also: [Cwtch Security Handbook: Profile Encryption & Storage](https://docs.openprivacy.ca/cwtch-security-handbook/profile_encryption_and_storage.html)