Physical storage of key is the weakest link

[Andrew Purshottam]

[good discussion of how the pass phrase is more guessable 
 that the secret key deleted ]
>> In short, these are reasons to keep your secret key secret. Your
>> passphrase alone may be insufficient (else why not just dispense with
>> the secret key and just have a passphrase?).

Well, because the secret key is part of a <secret key, public key> pair,
and is thus some un-rememberable number, rather than a hash of something
rememberable.