You may be the only person with physical access to your device, but you should probably consider the possibility that an attacker could gain access to your device via malware.
Based on an analysis I did in another thread, your locally stored vault should be adequately protected using a PIN that consists of a random 9-digit numerical code, or an alphanumeric string consisting of 6 randomly generated characters.