"Defense in depth"
Much like, if you have encrypted volumes on your desktop/laptop, you set a different password for encrypted volumes than for your login password, you set a different password for your GPG keys than your login password.
Similarly, you don't have to keep your GPG keys on your desktop/laptop: you can write them to an encrypted device (like a Yubikey). That way, an attacker:
1) Needs the physical device
2) Needs the unlock credentials for the device
3) Needs the password for the GPG key
Presumably, by the time an attacker has surmounted #3, you've invalidated the errant GPG key. Even with a GPG key on an unencrypted disk/device, an attacker needs to gain access to the device and then brute-force the password on the key. And, again, presumably by the time they've managed to break the key, you've invalidated it.
Thanks for taking the time to tell me that, now I get that.