The current security philosophy almost seems to be: “In order to make it secure, make it difficult to use”. This is why I propose to go a step further: “In order to make it secure, just don’t make it”. The safest account is the one that doesn’t exist or that can’t be accessed by anyone, including its owner.