It means exactly what it says. When MyCena is deployed, the organisation generates every credential centrally. The employee never creates a password. They are provisioned through the MyCena platform, and when they need to access a system — any system in scope — they click to connect. MyCena injects the credential at that moment, invisibly, without displaying it to the user.

The employee accesses everything they currently access. Their experience changes in one way only: they no longer type a password. Under the surface, MyCena has generated a cryptographically strong credential, distributed it encrypted, and injected it at the point of authentication. The user never sees it, never stores it, never knows it. It cannot be phished because there is nothing to enter on a fraudulent page. It cannot be shared because there is nothing to share. It cannot persist after departure because the organisation revokes it — not the user.