I think people should seriously consider using something like passphrase2pgp [0] in addition to a hardware key like this. That way you can have a brain key (hopefully generated with diceware or equivalent) to tie together day-to-day keys like this to a more permanent identity. I'm honestly surprised that strategy is not more widespread.
One way to circumvent this is to use a strong passphrase to deterministically generate the PGP/SSH key [1] to unlock other passwords. The SSH key could grant access to a remote server with backups and the PGP key could decrypt passwords using pass [2]. Of course, the "master" passphrase must be kept safe or remembered.
I use passphrase2pgp[1] so I can recreate my GPG key anywhere. I need to remember three pieces of information:
- passphrase (long sentence, but it's easy to remember)
- uid (Name - easy)
- timestamp (10 digits - kinda hard to memorize, but you can have it noted in plain text since it's not sensitive information)
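The two comments above describe the same idea: a passphrase plus a user ID deterministically yields an Ed25519 key that serves as both an SSH key and an OpenPGP key, and the creation timestamp is needed only because an OpenPGP v4 fingerprint hashes the creation time into the key packet. The following is an added illustration written for this page, not code from passphrase2pgp or from the commenters. It is a simplified model, not passphrase2pgp's actual derivation: the real tool uses Argon2id as its KDF, which the Python standard library lacks, so scrypt stands in here with a low cost parameter; the passphrase and user ID are constructed sample inputs; the Ed25519 arithmetic is the textbook affine formulation, fine for showing the shape but not something to use for real keys.

```python
import base64
import hashlib
import struct

# --- Minimal Ed25519 public-key derivation (textbook affine formulas, for illustration only) ---
Q = 2**255 - 19
D = (-121665 * pow(121666, Q - 2, Q)) % Q
I = pow(2, (Q - 1) // 4, Q)


def _inv(x: int) -> int:
    return pow(x, Q - 2, Q)


def _xrecover(y: int) -> int:
    """Recover the even x coordinate for a given y on the twisted Edwards curve."""
    xx = (y * y - 1) * _inv(D * y * y + 1)
    x = pow(xx, (Q + 3) // 8, Q)
    if (x * x - xx) % Q != 0:
        x = (x * I) % Q
    if x % 2 != 0:
        x = Q - x
    return x


BY = (4 * _inv(5)) % Q
B = (_xrecover(BY), BY)  # standard base point


def _add(P, R):
    x1, y1 = P
    x2, y2 = R
    x3 = (x1 * y2 + x2 * y1) * _inv(1 + D * x1 * x2 * y1 * y2)
    y3 = (y1 * y2 + x1 * x2) * _inv(1 - D * x1 * x2 * y1 * y2)
    return (x3 % Q, y3 % Q)


def _scalarmult(P, e: int):
    """Plain double-and-add, MSB first (not constant time)."""
    R = (0, 1)  # neutral element
    for bit in bin(e)[2:]:
        R = _add(R, R)
        if bit == "1":
            R = _add(R, P)
    return R


def ed25519_public_key(seed: bytes) -> bytes:
    """RFC 8032: hash the 32-byte seed, clamp the low half, multiply the base point, encode y||sign(x)."""
    h = hashlib.sha512(seed).digest()
    a = int.from_bytes(h[:32], "little")
    a &= (1 << 254) - 8  # clear bits 0..2 and 254..255
    a |= 1 << 254        # set bit 254
    x, y = _scalarmult(B, a)
    return (y | ((x & 1) << 255)).to_bytes(32, "little")


# --- The "brain key" part: passphrase + user ID -> seed -> key material ---
def derive_seed(passphrase: str, uid: str) -> bytes:
    """Stand-in KDF (assumption: scrypt with the user ID as salt). passphrase2pgp itself uses
    Argon2id with a far higher cost; the shape is what matters: same inputs, same seed."""
    return hashlib.scrypt(passphrase.encode(), salt=uid.encode(), n=2**14, r=8, p=1, dklen=32)


def _ssh_string(b: bytes) -> bytes:
    return struct.pack(">I", len(b)) + b


def ssh_public_key_line(pub: bytes, comment: str) -> str:
    """OpenSSH authorized_keys line: no timestamp is involved, so it is stable across regenerations."""
    blob = _ssh_string(b"ssh-ed25519") + _ssh_string(pub)
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " " + comment


ED25519_OID = bytes.fromhex("2b06010401da470f01")  # 1.3.6.1.4.1.11591.15.1 as used by OpenPGP


def openpgp_v4_fingerprint(pub: bytes, timestamp: int) -> str:
    """RFC 4880 v4 fingerprint: SHA-1 over 0x99, 2-byte length, and the public-key packet body.
    The body contains the creation time, which is why the timestamp must be reproduced exactly."""
    body = b"\x04" + struct.pack(">I", timestamp) + b"\x16"  # version 4, creation time, algo 22 (EdDSA)
    body += bytes([len(ED25519_OID)]) + ED25519_OID
    body += struct.pack(">H", 263) + b"\x40" + pub  # MPI: 0x40 prefix (7 significant bits) + 256-bit point
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()


if __name__ == "__main__":
    passphrase = "correct horse battery staple"   # constructed sample, not a real passphrase
    uid = "Jane Doe <jane@example.com>"           # constructed sample user ID
    pub = ed25519_public_key(derive_seed(passphrase, uid))
    print(ssh_public_key_line(pub, uid))
    for ts in (1546300800, 1546300801):           # one second apart, different fingerprints
        print(ts, openpgp_v4_fingerprint(pub, ts))
```

Running it prints one stable SSH public key and two different OpenPGP fingerprints for the same key material, which is the practical reason the timestamp is worth writing down while the passphrase is the only secret.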