I’m trying to understand how much additional security this adds after the encrypted password file is loaded on my computer. It seems like the main benefit of this approach is to thwart key loggers, but if I get some malware on my system that can do key logging then it can also send the encrypted password file off to some hacker.

So in this case the hacker would know your master password and have your encrypted password file, but the 6-digit number from the Authenticator only increases the number of combinations by 1 million. With the master password and the password file in hand, a brute force attack could try 1 million combinations in a matter of minutes, at least based on my very rudimentary understanding of how this works. :)

I guess my question is whether this approach really only adds security to the web logon, or significantly increases the security of a direct attack on the encrypted password file. Currently I use 1Password with a purely local password file (although I’m looking at cloud backup options), and I’m wondering if this really enhances my security.