That is a sweeping generalization about security habits of non-users of Lastpass. My point is that the security-consciousness does not necessarily go hand in hand with using a password management system. If someone gets into your single point of truth, they not only have all your passwords, they know about all your other accounts after - needing only to break into just one of them.
It's about risks and exposure. If it was reasonable for people to have randomly generated, unique, memorable, passwords for every account (also change them periodically and after database "leaks"), then we wouldn't have a need for password managers.
Odds are, people compromise on many or all of those things (even smart or meticulous ones). What you sacrifice with a password manager is a single point of failure. Although, that's a bit dire, generally (and arduously) you could reset those passwords one-by-one if you lost your master password and/or database.
What I like though is that the exposure of your master password is controlled by you and limited between your keyboard and the application (and the various few things in between; the OS, perhaps RAM, etc). This is usually a lot more narrow than the path your passwords usually take (your browser, http, their server). Because it's a single password (and I'm not limited to a site's stupid max character or other constraints), I can make it as obnoxiously long as I'd like--and I don't have to try 3 or 4 obnoxiously long passwords because I can't remember if I typed the wrong one or if I typoed the right one until I get locked out of that website.
Like I alluded to earlier, I also like knowing how long ago I changed my password, what it used to be (in case my db is updated and I didn't quite change my password like I thought I did), unsecure or duplicate passwords (as I migrate them over), or if there has been a database compromise on their end and I though update my password. I'm kind of surprised nobody has released features to automatically change passwords on specific sites.
It's not a generalization but absolutely truth about all people who don't use password managers. They use same password for multiple accounts or invent some "complex" rule to create passwords by url or title or something else. And second option is in light years away from secure way of storing passwords :)
Most of these password managers support 2 factor auth. And personally I would consider it unwise not to use 2 factor if your passwords are kept in the cloud (as opposed to a local password vault).