There are a few issues with this scheme:
- if the password is not strong then the key won't be strong either;
- it uses an unnamed key derivation routine, but since it doesn't take a salt or work factor, it's probably not a strengthening PBKDF (password based key derivation function) to counter weaknesses in passwords;
- if the random number generator or key generator changes then the wrong key would be calculated;
- it is not possible to change the password, something that should be possible for good password management;
- it works for a single key but not for multiple keys (although it is easy to change the protocol to make that possible).
In the end, if the username is unique then you'd get unique keys presuming your key derivation method is any good. And if your password is secure enough then it would be tricky to derive the key. Note that this basically means that the password is required to very complex, which in turn means that a password manager is probably required to remember it. And there are more flexible and more secure options to secure a key if such a device is required anyway.
So it's not insecure in itself, but it's rather inflexible and easy to mess up. And then it is still required to remember a very strong password.
