Preview keys and protected live keys with per-key storage allocations.

Preview keys stay in your browser. Live keys are stored as hashes on the VPS, revealed once, and require Google Authenticator before creation.