[MTemer]

But if you're using accounts in "public" (like in the office) computers, aren't you trading an unlikely bruteforce for a single point of failure: your password manager, who's also in the cloud? Unless you also use 2FA on the password manager and there's no way for a compromised OS to copy your entire (unlocked) password manager DB. Oh god, I went too far.

[bdcravens]

Most password managers encrypt your contents one-way, and don't offer a forgot-password feature. Not all are in the cloud (1Password, KeePass, etc), though they can be cloudified via sync (for instance, use Dropbox or iCloud) Some support the Yubikey for authentication.