To be honest, I see it more as a convenience trade-off than a security decision. That's another risk that isn't present with a little book of passwords. There's also another risk inherent with trusting a third party with your credentials - they might, without malice, make a mistake that leads to credential leakage. It takes away the advantage of physical proximity (leaving aside people should-surfing your master password) but opens the number of possible culprits from a select few to potentially billions of people. Stored online, on the other hand, there's no physical proximity required and anyone with an internet connection can have a go (though not all will have the ability to be successful). Post-it notes on the back of your keyboard are another matter though, as you've not taken steps to secure them.
Whilst it'd be easy for someone nearby to nab your password book and take photos, it requires physical proximity, so as long as you're actually securing the book you've probably got a low risk of that happening (outside of being deliberately targeted). It's about assessing the risk you're trying to counter.
Then there's the camp who believe if it can be hacked- it will. Those who believe pen and paper is decrepit, inflexible and open to abuse from someone close to you unless a cipher get used. Each to their own but you are weird! Why on earth would "add item" in a shared folder add a private item? Why do you have to add an item to a private folder, then find it, the click share to share it? Why is there no way to tell the difference between a genuine LastPass user and a random phishing address when sharing secrets? The list goes on. Oh, and whoever preferred the LastPass GUI to KeePass. LastPass's authenticator leaves all your 2FA vulnerable, not just you LastPass vault. " Alternatives like KeePass don't even have the capability to implement 2FA" No they can't, just having a KeePass password doesn't help you without the database whereas a LastPass vault can be accessed from anywhere worldwide if you know the password. "Much like KeePass, if they get your master password they're still in your vault." With LastPass's version it's at LastPass and therefore vulnerable to an attack on LastPass. With Authenticator your 2FA seed is held locally.
"This is no less secure than using Google Authenticator app separately,"