Passwords vaults are used to store (shared) passwords for privileged accounts. Privileged account and session management (PASM) enables full session recording at the vault/gateway level. Vaults reduce the risk of privileged credentials being abused by internal or external threat actors. By combining this with a comprehensive approach to privileged access management, organizations can keep their most sensitive credentials safe from abuse and reduce their cyber risk exposure. For example, creating an SSH backdoor key may make logging in faster, but does so at the expense of locking down access.”]
Source: https://www.centrify.com/resources/pam-101/should-i-use-password-vault/