The vault provides a convenient secure storage for passwords used to access MySQL servers. By using the vault, you need not enter credentials every time MySQL Workbench attempts to connect to a server.
The hostname is used for storing password information. For example, a local connection might use "localhost", "127.0.0.1", or "::1", but these are stored separately in the password storage vault, even if they all resolve to the same place.
The vault is implemented differently on each platform:
Windows: The vault is an
encrypted file in the MySQL Workbench
directory. This is where
connections.xml and related files are
located. The file is encrypted using a Windows API which
performs the encryption based on the current user, so only
the current user can decrypt it. As a result it is not
possible to decrypt the file on any other computer. It is
possible to delete the file, in which case all stored
passwords are lost, but MySQL Workbench will otherwise perform
as expected. You then must re-enter passwords as required.
Mac OS X: The vault is
implemented using the Mac OS X Secure Keychain. The keychain
contents can be viewed using the
Linux: The vault works by
storing passwords using the
daemon, which must be running for password persistence to
work. The daemon is automatically started in GNOME desktops,
but normally is not in KDE and others. The
gnome-keyring daemon can be used for
password storage in MySQL Workbench on non-GNOME platforms, but
must be started manually.