You don't even need a keylogger for password leakage. You could accidentally type in your password into a logged field because you forgot to press tab or alt-tab to move cursor focus.
2FA for setup doesn't strike me as too onerous. It only happens once per device, after which you're free to rely on just your master password or even biometrics.
2FA for setup doesn't strike me as too onerous. It only happens once per device, after which you're free to rely on just your master password or even biometrics.