this could be an optional feature for advanced users, adding a Secret Key besides the master password to increase security,
this can be implemented relatively easily, like a lenthy-er version of a master password where 1 half of the password is generated locally, manually copied over from device and stored permanently (but never synced/needed to remember) and the other half is the one you remember and use all the time to login.
could probably be implemented with added functionality to display a scannable QR code for easier transfer of this Secret Key
anyway this should always be an optional feature IMHO, since it does introduce some usability hurdles