Looks like the trezor has native support for ALMOST this exact functionality: https://www.youtube.com/watch?v=5Jva-vcFQjE (it for whatever reason, stores the passwords on dropbox, instead of in the device...)
Dropbox isn't secure. They have a master key override and have many times already unlocked boxes without the user's permission. Also, they cache your credentials, anyone who gets a hold of the cache file can put it on another machine and get into the box without authenticating.