How about you allow me to turn off the second factor if I have a password manager, because I'm way more concerned about loosing my second factor and getting locked out of my account than someone somehow getting into my password manager.
Edit: Didn't answer the actual question - it's something we can look into. My instinct is that offering this wouldn't drastically change the security model, as long as we can be confident your password actually came from a secure password manager. Since some password managers (like 1password) are very strongly tied to devices, I think your ability to retrieve a password from it is a reasonable proxy for a possession factor.
It's definitely something I'd want to read more literature on before building. That's just my instinct, and I'm half expecting someone on HN to share the attack I'm forgetting :)
But doesn't this completely defeat the purpose of the codes, since they're no longer a second factor? I'd rather just not have the codes, as they're still a significant annoyance with next to zero benefit.
