I just came back to read that article about 1Password. From what I gained, the attack happens through iCloud. I disabled iCloud completely on my Mac and use dropbox for 1Password backups. Do you think it'll be safe from that type of attack?
Honestly the best security has nothing to do with passwords at all, but instead just make sure that the keys never, ever touch the outside world. Have an offline computer that never, ever goes online. Then only load very trusted SW on it. Use this offline machine to generate the paper wallet keys, and use it to print them. To spend, a common approach is to boot a machine (preferably without a nic) using an Unbuntu disk, then side load bitcoin-qt and sign your cold wallet transaction, then only expose the signed transaction to the outside world. You could even enforce multisig between two cold wallets to make the attack vector even more complex.
Highly technical, but infinitely secure. Someone would have to infect the Unbuntu disk or infect the bitcoin-qt client before sideloading to gain access to your keys. Once you start shuffling around thousands of dollars in BTC, this lunacy starts to make sense.