Its great functionality but it reduces your security. Say someone somehow figures out your 1Password password and security key - if you store your OTPs in Authy, your passwords are useless (well, less useful anyway). If you store your OTPs in 1Password, they have the keys to the kingdom.
This is technically true, but the most likely scenarios that result in the discovery of your secret key (128bits of entropy) + master password (?? additional bits) involve things like a device compromise. If your machine is compromised, you’re probably already exposed to things like session cookie stealing. At that point your attack surface is already blown wide open.
The biggest thing 2FA protects against is credential stuffing. If you’re using a password manager and have high entropy site-unique passwords, the additional entropy by TOTP is mostly moot anyway.
Passwords - protect against unauthorized access of my service accounts, and 1Password - can be compromised via logging or breaches or just plain peeping
Secret key - acts as 2FA for my 1Password and thus protects my master password from unauthorized use - can be compromised if someone steals the physical paper on which it's stored
TOTP - protect against unauthorized use of my service accounts - can be compromised if someone compromises my mobile phone or phone number. Highly unlikely someone would spend that kind of effort and €€€ on me though
All in all its a pretty nicely tiered system. If someone gets my master password, they still need the secret key. If a burglar steals my secret key, they don't have my master password. If someone somehow compromises both of those, they still don't have access to my TOTPs and thus can't login into any of my 'cricital' accounts (basically e-mail, hosting providers, finance, etc. etc.)
Now imagine you have an malicious spouse or housemate or whatever: they could easily learn your master password by peeping over your shoulder, piecing it together bit by bit (ha). They have a lot of opportunity to search for your secret key as well. If you put your TOTPs on 1Password, you're boned. But if you have them in an authenticator app, even having access to your password manager means jack because they can't login without your TOTPs.
I know one of the big faux pas is to talk about your security but most of this stuff can be deducted pretty easily so I don't feel too exposed.
