> so your single point of failure is now just ONE password, the consequences of which would be that an attacker would have access to all of your passwords.

Most managers have 2FA, or an offline key, to prevent this issue, and encrypt your passwords at rest so that without that key (and the password) the database is useless.