They could maybe solve this problem by offering optional 2 factor. The only problem with 2 factor is that it takes more time and people want to instantly sign in.
Two-factor is a different animal than OnePassword. OnePassword exists to support single-password sign-ins. Yes, it keeps those passwords securely hidden, but it's still a single password.
Two-factor exists to reduce the odds that a person who tricks you out of your password or gets your password during a security breach of a bank, website, etc. will be able to access/take over an account. In addition to the password, they must have a second "key" - typically access to your phone (SMS message) or email account. A hacker halfway around the world won't have that (or shouldn't - that's why each password should be unique).
Yes, two locks on the door is more bother than one, and a lot of people would prefer to avoid two-factor, whether on their Apple devices, when signing into their bank web site, resetting their Google password... which is why all these different companies are so annoying about getting us to start using it. ;-)
I would assume the same difficulty as if you wanted to jump ship from Facebook or Google. Good point and should be considered when using this feature. Hopefully it is as easy as changing the email.
It ought to be, and almost definitely is. The trick is you need to make that change before you jump ship, everywhere that you use it.
It isn't a big trick, as far as I'm concerned, but it's amazing how many people don't consider the consequences before doing something. "Before I change it, do I have any accounts that depend on this email address/phone number?" Simple question, amazing how many people don't ask it of themselves. Other people make up passwords and passcodes without making a record of them - they're focused on the destination (I wanna start using my new computing device!) and don't pause a second to think (or write).
In the end, who is responsible for the messes they find themselves in? It's always the service provider, right?