I’ve written a longer text on the fallacy of a multiple passwords strategy, you’re welcome to read it here: https://www.axcrypt.net/blog/use-of-different-passwords/ .
It’s questionable if the Office password protection adds anything also, the problem being that Microsoft failed several times to implement it correctly, and now it’s often very hard to know just what version of the implementations is used in a specific situation. The most recent implementation appears to be “good”, but it’s often not used due to default settings for backwards compatibility etc. It’s complicated…
The idea with AxCrypt 2 is that you should use one single sufficiently strong password for all your needs. Also, we do provide a password manager, but I can of course understand concerns about that. However, stating “I’ve never been hacked, but LastPass has” is not really a valid argument. The most likely case is that on-one has tried hacking you, while thousands have tried hacking LastPass. The problem is that there is a big risk that the first one who tries to hack you succeeds, and you won’t know until it’s too late. In some ways, it’s actually a good idea to use a product or service which *has* been hacked, as long as the provider has acted correctly, and improved the product since. Then at least you know that someone has tried, found a problem, which subsequently has been fixed. That’s one known problem gone.