Storing encryption keys in user object

I am wondering about a suggestion from the docs regarding creating encryption keys per user where it says:
“…use an authentication trigger to create a 64-bit key and store that key in a user object.”

What would be the point in storing encryption keys for data in the same database as the data itself (from a security standpoint)? I must be missing something, because this doesn’t make sense to me otherwise.