[eternityforest]

The trouble is losing a phone is probably just as common or more common than getting hacked, and keepass sync is purely manual.

I suspect the most secure way to store passwords is in your Google account, because they have a far higher budget than almost anyone else. They will spy on you, but they also keep random hackers out.

I use BitWarden (with gmail as the 2FA) instead because I wanted the ability to try different browsers, and I like being able to store other bits of critical info in my vault.

You generally can't get hacked on anything important unless you already lost your phone, even if they have your password, because of 2FA.

You also don't lose your account if you lose your phone if you use SMS 2FA like most people do even though it's not perfectly secure, because your cell carrier can recover your number.