
That would be news to me. I have never used a secret key with 1Password and a local vault.



Then sounds like you're working with a diminished product that's less secure.


I am curious how managing secrets locally is less secure than a cloud-based solution?


I was referring to the additional piece of secret material required to decrypt the vault. It increases the key length by 128 bits. This is important in the general, overall scheme of things based on how your mother will use the product.

You’re not as good as they are at storing the vault, monitoring it, backing it up, and observing any and all access to that vault and reacting to access that’s not authorised. That’s literally their job and you have to trust someone to do that job well at some point (trust is the backbone of a healthy society).

Of course you can get as good, and better, but the time and energy required would burn hundreds of hours you might consider spending doing something that generates more money, therefore negating any (reasonable) price they put on their product.


In principle there’s no difference, but 1Password did happen to improve the security in parallel with their transition to a cloud-centric product.

That being said, it’s worth noting that behaviour can be as important as technology. For example, if a cloud-centric solution is more convenient, its users are less likely to engage in security-compromising behaviours such as copying and pasting passwords, or declining to use a password manager at all outside of their local device context.



