So ... what's the lesson here for our non-nerdy friends & family? I immediately sent my closest friends a "change your Dropbox password" email, which is still valid because, whether they were hacked or not, someone may now have their password. Which is probably also their password to Facebook.
I suppose the question is, does it matter if Dropbox was hacked or if these credentials were gained by some other means? The end result for a poor user^ is the same.
No offence, but in my humble opinion using 1Password, or any password manager, does not make you a better or more secure user.
Perhaps it even lowers your security in some ways.
Sharing the fact (with the internet) that you use a password manager already lowered your security, technically speaking.
I find the idea of using one password (and a private key etc.) to protect all my other accounts and passwords a bit strange, especially synced over 3rd party servers/services.
Not to mention when people use it on devices often discussed as having ways to eavesdrop on a user (Android, iPhone). The security of the password vault is now equal to that of that particular device (which could be as low as no security).
When you use a password manager and separate passwords for each website, you're effectively eliminating an entire class of potential attacks, because any leaks from the website will not affect your accounts elsewhere (especially bad for accounts with privileges such as your email or bank accounts).
In exchange, you use a password or key to locally decrypt the rest of your passwords. This means for someone to have access to your password store they have to (1) find a vulnerability in the password manager store file or (2) obtain access to your machine. Comparing these, (1) is much less likely than getting a password list from a server with more attack surfaces, and (2) would also leak your passwords even without a password manager.
It may seem strange to think of all your passwords as being protected by a single password, but the key concept is that you aren't sending that password across the wire, but do regularly send the others. If your local machine is insecure, it doesn't really matter whether or not you are using a password manager.
Obviously, it would be even more secure to have different passwords for each website and be able to remember all of them, but it's not a very reliable method of storage and puts too large a burden on the user.
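As an added illustration of the threat model laid out in this comment (not code from the thread or from any real password manager): a stdlib-only toy vault that is unlocked locally with a stretched master passphrase and could be synced as an opaque blob, plus a check of which other accounts a leak at one site would expose. The cipher (HMAC-SHA256 in counter mode with an HMAC tag), the master phrase and the two sample users are constructed stand-ins, not any product's format.

```python
import hashlib
import hmac
import json
import os
import secrets

def derive_keys(master: str, salt: bytes):
    """Stretch the master passphrase (scrypt) into an encryption key and a MAC key."""
    k = hashlib.scrypt(master.encode(), salt=salt, n=2**14, r=8, p=1, dklen=64)
    return k[:32], k[32:]

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode: a stdlib-only stand-in for a real AEAD cipher."""
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def lock_vault(master: str, entries: dict) -> bytes:
    """Encrypt-then-MAC the vault; the blob can sit on a synced drive, only the master opens it."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = derive_keys(master, salt)
    pt = json.dumps(entries, sort_keys=True).encode()
    ct = bytes(a ^ b for a, b in zip(pt, keystream(enc_key, nonce, len(pt))))
    tag = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    return salt + nonce + ct + tag

def unlock_vault(master: str, blob: bytes) -> dict:
    """Decrypt locally; a wrong passphrase or a tampered blob fails the tag check."""
    salt, nonce, ct, tag = blob[:16], blob[16:32], blob[32:-32], blob[-32:]
    enc_key, mac_key = derive_keys(master, salt)
    expected = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong master passphrase or tampered vault")
    return json.loads(bytes(a ^ b for a, b in zip(ct, keystream(enc_key, nonce, len(ct)))))

def exposed_by_leak(accounts: dict, leaked_site: str) -> list:
    """Which other accounts would fall if the password used at `leaked_site` became public?"""
    leaked = accounts[leaked_site]
    return sorted(s for s, pw in accounts.items() if s != leaked_site and pw == leaked)

def demo():
    # Constructed sample users: one reuses a password, one keeps a random password per site.
    reuser = {"dropbox": "Summer2014!", "facebook": "Summer2014!", "gmail": "Summer2014!"}
    vault_user = {site: secrets.token_urlsafe(15) for site in reuser}
    blob = lock_vault("correct horse battery staple", vault_user)  # this is what gets synced
    assert unlock_vault("correct horse battery staple", blob) == vault_user
    return exposed_by_leak(reuser, "dropbox"), exposed_by_leak(vault_user, "dropbox")
```

`demo()` returns which of each user's other accounts a Dropbox-style leak would expose: every other site for the reuser, none for the vault user.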
Then let's agree to disagree. But points 1 and 2 that you describe are both more likely (to specifically compromise/capture your vault unlock).
Then, for somebody managing to capture all my login details on different websites with a per-website login in a particular time frame, they would need a year to capture all logins, as I don't use all sites daily, weekly, or even monthly.
One can discuss it short, one can discuss it long :) but you still put all your (generated) eggs in a single basket. A basket (computing security does not exist, it only delays things) that cannot be more secure than your mind.
Start them with the idea that a few things matter far more than the others. Email because all password resets use it, file storage as any identity theft will probably try and use it, and so on.
Use a long pass phrase and two-factor authentication for the few things that really matter.
These are: your domain name seller, your email provider, your file storage provider.
If you suspect your family members will do a poor job of keeping their 2FA backup codes, or that they often lose their phone... then centralizing the 2FA codes through Authy and choosing a long backup phrase there allows your family to use their 2FA codes on more than one device.
Note: I haven't even said "unique pass phrase per site". Yes it would help, but simply having a long pass phrase with 2FA is probably going to be more helpful for those who already find LastPass or 1Password too much to use and so used the same password everywhere.
People associate Snowden's arguments with government surveillance and shrug it off with the "nothing to hide" argument.
Here we're talking about average people's passwords leaked to the general public. Your files could be accessible by anyone. Or irrecoverably lost due to a bug. This has obvious consequences to the average person.
Well, I don't expect the average person to understand the issue nor be able (read: want) to do anything about it (i.e. encrypt before handing over their data to untrusted third parties).
Quite frankly, Jennifer Lawrence's nude photographs had more influence on the average person's thoughts about computer security than Snowden's revelations. As sad as it is.
Try to get them on password managers. I've gotten my extremely non-technical wife to use LastPass and she does it with ease. It really is the best thing they can do for their own security.
(^Not me, of course. I use 1Password.)