(no title)

Yes, it puts 1Password as the only point of failure iff 1Password security is compromised. This would require knowing my Master Password, my Secret Key, and 2FA with either my OTP from Google Authenticator or a Yubikey to open the vault on a new device, or knowing my master password on a device that I already have 1Password set up on.

On the flip side however, for anyone who _doesn't_ know I use 1Password (oops), any credential stuffing attack or password leak is not likely to get anywhere, as they're not going to be attacking my 1Password vault.