Not Relying on Password Vault is Even Better
On the merit of password vault— https://www.linkedin.com/pulse/linkedin-purge-weekly-cyber-alexandre-blanc-cyber-security/
The merit of a password vault is emphasised in the linked newsletter. Storing passwords in an encrypted vault might be relatively better than other conventional measures of password management.
Not storing any passwords in the program should be way better, though, in view of the single point of failure, which is often compared to putting all our eggs in a single basket, which the conventional vault-based password manager inevitably creates.
Where on earth would the passwords be hiding? — There would be no passwords hidden anywhere in the universe. But the seed for generating and regenerating the passwords on-the-fly when needed resides in the brains of citizens as non-volatile episodic image memory.
This on-the-fly regeneration process is not a newly born hypothesis but has been in use for two decades. It was in 2002 that we committed to the software design of not having any secret credential in the software itself.
Ref: “Mnemonic Gateways as Leading Digital Identity App” (updated 22May2023) https://www.linkedin.com/pulse/mnemonic-gateways-leading-digital-identity-app-hitoshi-kokumai/
- Thanks to Alexandre Blanc for reminding me of this vault problem.
