Yep, this is very similar to what I'm proposing. The only real difference I can see is in my suggestion to use a encrypted (password protected) bitcoin wallet with this added functionality. Which speaks to his complaint that the current certificate process is browser-dependent.

As the author mentions, the security tool should have a convenient and easily understood way to list out all the online systems you have set up authentification with, so you can terminate (or modify) the login credentials as needed. Just put things in plain language and make it simple to use, which should be an obtainable goal.

The requirement for a password on the security tool on your own computer/phone addresses the point in the first comment about having possession and knowledge to gain access. The security for that one password would need to be extremely high though, as hackers would have access to all your accounts if they could obtain your private/public keys and that one password. So that would need to be addressed carefully.

EDIT: Perhaps a good solution would be to use 2FA in tandem with this approach, at least for financial systems and others you would want to be the most strongly secured. That way even if you had your password stolen you'd still be OK, in principle.