The password for the vault is strong and exists nowhere other than in my own memory and is never disseminated anywhere. As such, the only attack vectors to gain access to the vault are brute force or compulsion. In the meantime, every account secured with a vault password uses a strong password which can be changed often, or incorporate 2FA, with minimal inconvenience.