Add:

• Name (required for Kind::Account, Kind::ServiceCredentials, Kind::Asymmetric, and Kind::Certificates)
• Account ID (only for Kind::Account)
• Key (e.g, API Key; only for Kind::ServiceCredentials)
• Secret (e.g., API Secret; only for Kind::ServiceCredentials)
• Public Key (only for Kind::Asymmetric)
• Private Key (only for Kind::Asymmetric)
• Public Cert (only for Kind::Certificates)
• Private Cert (only for Kind::Certificates)
• Root Cert (only for Kind::Certificates)

Also update Kind to include:

• Certificates
• Asymmetric (public/private keys)
• Service Credentials

Distinguish between username/password and account/username/password:

• Define Password for the former
• Define Account for the latter (migrate old ones to Password)
• Remove Credentials (migrate old ones to Password)

Add migrations for these:

• Certs
• Kind
• All the bits that depend on those

Update ID to reflect these changes, allowing for similar secrets to exist (e.g., same user, same URL, but different company, etc.):

• Add a default for Metadata.category
• Migration for category will be the default value
• Add migration for name to be the same as username from previous version of record
• Update code for Kind::Password types' CRUD ops to copy username field to name field
• Change ID to be a concatenation of kind:category:name:url

Flag updates for CRUD, listing, and export operations:

• Add --kind flag (default being password)
• Add --category flag (edits, listing, export/import)
• Change --username flag for edits to --name
• Add an alert when updating records with no URL (show existing data, ask to confirm overwrite)

Cleanup:

• Rename various "account variables to "record" (unless they specifically refer to the account type)
• Rename Creds to Secrets

Calling this done.