
No offence, but in my humble opinion using 1Password, or any password manager, does not make you a better or more secure user.

Perhaps even lowers your security in ways.

Sharing the fact (with the internet) that you use a password manager lowered your security already, technically speaking.

I find the idea to use one password (and a private key etc.) to protect all my other accounts and passwords a bit strange, especially synced over third-party servers/services.

Not to mention when people use it on devices often discussed to have ways to eavesdrop on a user: Android, iPhone. The security of the password vault is now equal to that of that particular device (which could be as low as no security).



I disagree.

When you use a password manager and separate passwords for each website, you're effectively eliminating an entire class of potential attacks, because any leaks from the website will not affect your accounts elsewhere (especially bad for accounts with privileges such as your email or bank accounts).

In exchange, you use a password or key to locally decrypt the rest of your passwords. This means for someone to have access to your password store they have to (1) find a vulnerability in the password manager store file or (2) obtain access to your machine. Comparing these, (1) is much less likely than getting a password list from a server with more attack surfaces, and (2) would also leak your passwords even without a password manager.

It may seem strange to think of all your passwords as being protected by a single password, but the key concept is that you aren't sending that password across the wire, but do regularly send the others. If your local machine is insecure, it doesn't really matter whether or not you are using a password manager.

Obviously, it would be even more secure to have different passwords for each website and be able to remember all of them, but it's not a very reliable method of storage and puts too large a burden on the user.


Then let's agree to disagree. But points 1 and 2 that you describe are both more likely (to specifically compromise/capture your vault unlock).

Then somebody managing to capture all my login details in different websites with a per-website login in a particular time frame, they would need a year to capture all logins as I don't use all sites daily, weekly, or even monthly.

One can discuss it short, one can discuss it long :) but you remain to put all your (generated) eggs in a single basket. A basket (computing security does not exist, it only delays things) that cannot be more secure than your mind.



