There is indeed a whole lot of problems with security and we don't have consensus on a nice/minimum setup. My main concern right now is the physical access to hardware (my place is far from being a vault). Finding my address would not be that big of an issue then getting in would be very easy.
For now having backups in multiple places is the best for me, having physical keys is not solving any on my security concern. The good part is no one cares about my stuff so for now this is OK.
Sorry I had in mind you login in from a computer that was compromised (without your knowledge), I didn't had in mind a computer compromised without being in use.
EDIT : store your 2FA in the browser from the extension would not be 'like an idiot' as it is encrypted.
EDIT 2 : no forget everything, this whole situation is absurd. If your computer is compromised your password are not (do you store in clear text?!). If you use it to login you are owned already.