by h1d 2779 days ago
Bitwarden has a clean interface and I like it, except when you think about it, keeping your entire vault of passwords online also means that one single leak of your master login ID / password (which can even be something easier to remember for the sake of not forgetting, which defeats the purpose of the entire existence of it) can put an end to your online self. So I stopped using anything online, and having 2FA just feels like the convenience has flown out the window just to log in to some site, while offline password managers can just work fine without that massive flaw.

The same massive flaw exists with your offline password manager. The gambit of this argument is that you (or more generally the public) are more capable of properly securing and storing secrets, instead of a company of experts hired to create, configure, update and audit a service to do so.

That's a call each person can make for themselves, but if I'm advising the normals on how to handle it, there's little doubt which direction I'm pointing.

I'm not talking about the security of the machine that holds the data. I'm saying any online password manager (without 2FA) can be unlocked with a single login, whereas offline password managers don't have such a severe problem.
2FA is only required for logins on new / unrecognized devices. If someone else had my master password, they still could not log in.

I am only required to enter my 2FA on the installation of each client, so there is no real loss of convenience.
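The two positions in this thread (an offline vault is protected only by the master password; a hosted vault additionally gates release of the encrypted data behind device trust and a second factor on unrecognized devices) can be made concrete with a small model. The code below is an added illustration, not Bitwarden's code or protocol and not anything a commenter posted; the stream cipher built from HMAC-SHA256, the separate login verifier, the trusted-device set and the TOTP check are all this example's own design choices standing in for a real product's AES-based vault format and authentication flow. The sample password and vault contents are constructed.

```python
"""Toy model of an offline vault versus a hosted vault with device-trust 2FA.

Assumptions (this example's design, not any real product's):
- The vault is sealed with a key derived from the master password via PBKDF2.
- The hosted service stores only the sealed blob plus a separate login verifier
  (same password, different salt) and releases the blob after a successful login.
- Unrecognized devices must additionally present a TOTP code (RFC 6238 style);
  once a device is trusted, password alone suffices on that device.
"""
import hashlib
import hmac
import os
import struct
import time

KDF_ITERATIONS = 100_000  # kept low so the example runs quickly; raise in practice


def derive_key(master_password: str, salt: bytes) -> bytes:
    """Stretch the master password into a 32-byte key bound to the given salt."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt, KDF_ITERATIONS)


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """HMAC-SHA256 in counter mode as a toy keystream (stand-in for AES)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + struct.pack(">I", ctr), "sha256").digest()
        ctr += 1
    return out[:n]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC with keys split off the vault key; returns nonce || ct || tag."""
    enc_key = hmac.new(key, b"enc", "sha256").digest()
    mac_key = hmac.new(key, b"mac", "sha256").digest()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, "sha256").digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag first, then decrypt; a wrong key fails closed."""
    enc_key = hmac.new(key, b"enc", "sha256").digest()
    mac_key = hmac.new(key, b"mac", "sha256").digest()
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, "sha256").digest()):
        raise ValueError("wrong master password or tampered vault")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


def encrypt_vault(master_password: str, secrets: bytes) -> bytes:
    """Offline vault file: salt || sealed blob. Only the master password unlocks it."""
    salt = os.urandom(16)
    return salt + seal(derive_key(master_password, salt), secrets)


def unlock_offline(master_password: str, vault_file: bytes) -> bytes:
    salt, blob = vault_file[:16], vault_file[16:]
    return unseal(derive_key(master_password, salt), blob)


def totp(secret: bytes, for_time=None, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1, 30 s step, 6 digits)."""
    counter = struct.pack(">Q", int((time.time() if for_time is None else for_time) // step))
    mac = hmac.new(secret, counter, "sha1").digest()
    offset = mac[-1] & 0x0F
    code = (struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF) % (10 ** digits)
    return f"{code:0{digits}d}"


class SyncService:
    """Hosted vault: holds the sealed blob and a login verifier, never the plaintext."""

    def __init__(self, master_password: str, secrets: bytes):
        self.vault_blob = encrypt_vault(master_password, secrets)
        self.login_salt = os.urandom(16)
        # Separate salt, so the verifier is not the key that opens the vault blob.
        self.login_hash = derive_key(master_password, self.login_salt)
        self.totp_secret = os.urandom(20)  # enrolled in the user's authenticator app
        self.trusted_devices: set[str] = set()

    def login(self, master_password: str, device_id: str, totp_code=None, now=None) -> bytes:
        """Return the sealed blob only after password and (on new devices) TOTP succeed."""
        if not hmac.compare_digest(derive_key(master_password, self.login_salt), self.login_hash):
            raise PermissionError("bad master password")
        if device_id not in self.trusted_devices:
            expected = totp(self.totp_secret, now)
            if totp_code is None or not hmac.compare_digest(str(totp_code), expected):
                raise PermissionError("second factor required for unrecognized device")
            self.trusted_devices.add(device_id)  # subsequent logins here need no code
        return self.vault_blob


if __name__ == "__main__":
    pw, secrets = "correct horse battery staple", b"example.test: hunter2\n"  # constructed
    print(unlock_offline(pw, encrypt_vault(pw, secrets)))  # password alone unlocks offline
    svc = SyncService(pw, secrets)
    try:
        svc.login(pw, "new-laptop")  # password alone from a new device is refused
    except PermissionError as e:
        print("refused:", e)
    blob = svc.login(pw, "new-laptop", totp(svc.totp_secret))
    print(unseal(derive_key(pw, blob[:16]), blob[16:]))  # released blob still needs the password
```

Running the block shows both claims side by side: the offline file opens with the master password alone, the hosted service refuses that same password from an unrecognized device until a TOTP code is presented, and the blob it eventually releases is still sealed under the master password, so the second factor gates access to the ciphertext rather than replacing the password as the thing that decrypts it.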