I don't know how you get a reproducible value from this, but in the use described it isn't actually contributing a second factor.
The idea is to bind password derivation to a physical OpenPGP key.
Without the smartcard/YubiKey inserted, the program can't generate the same password, even if someone knows the domain/username/phrase.
So the key isn't used as extra entropy, but as an essential part of the derivation process.
The idea is to bind password derivation to a physical OpenPGP key.
Without the smartcard/YubiKey inserted, the program can't generate the same password, even if someone knows the domain/username/phrase.
So the key isn't used as extra entropy, but as an essential part of the derivation process.