
Sorry, I elided some of the scenario details.

1/3rd / 3x was based on the idea of splitting my passwords across 3 databases. Let's take your idea instead.

My concern was that if there is a risk of compromise, by using two different software solutions you've doubled the odds that a vulnerability will expose your data. (I once consulted for a company that had two data centers for high availability, but they had split their production services across the data centers, effectively doubling the odds of an outage instead of reducing their exposure.)

If instead you use the same software and two different data stores, I can see a benefit in having a store that you rarely open, but I'm not sure it outweighs the extra work, at least for me. If someone grabs my password store, having the security questions and answers protected would only help for a few accounts (admittedly, my bank being an important one) and the protection would only last as long as it took an attacker to social engineer their way past it.

I admit, now that you've raised the issue I'm going to at least think about moving my bank q&a info, but I doubt I'll go to the trouble; I suspect I'd either end up forgetting how to get to the credentials or leaving them somewhere someone could get at them.
