The problem with this scheme is that if your computer is compromised, then an attacker can access all your passwords once you enter the decryption key. I don't think biometrics can actually decrypt stuff though since each scan is slightly different.
I think the best way is to have a hardware key (e.g. a USB stick) that does a challenge-response with public/private keys and never actually gives out the private key to anyone, not even the computer you are on. In order to activate it you need to do something physical on that stick, e.g. press a button, or scan a fingerprint if you want added security.
You can easily change your password: get a new key. (You could just make the device have a write-only private key, but you would have to be careful that a virus can't write a known key to the device.)
You can give out your public key to multiple servers and know that they are not doing something stupid/bad with it. How do you know that people are not storing your password in clear text in the database?
You can have multiple keys, for different security levels, or simply because you don't want to be tracked.
Someone could still steal the key, but that is a physical act, and you would most likely eventually notice.
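An added example (my own code, not the commenter's) of the scheme described in this post, using only Go's standard library: the token signs a random server nonce with an Ed25519 key that never leaves it, and only after a simulated button press, while the server stores nothing but the public key. The names Token, Server, Press and the single-user NewServer helper are invented for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
)

// Token models the USB stick: the private key never leaves this struct, and
// Sign refuses to answer unless the button was physically pressed.
type Token struct {
	priv    ed25519.PrivateKey
	pressed bool
}

// NewToken generates the key pair on the device and exports only the public half.
func NewToken() (*Token, ed25519.PublicKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // rand.Reader does not fail in practice
	return &Token{priv: priv}, pub
}
// Press simulates the physical button; one press authorises exactly one signature.
func (t *Token) Press() { t.pressed = true }
// Sign answers a server challenge and consumes the button press.
func (t *Token) Sign(challenge []byte) ([]byte, error) {
	if !t.pressed {
		return nil, errors.New("token: button not pressed")
	}
	t.pressed = false
	return ed25519.Sign(t.priv, challenge), nil
}

// Server stores only public keys, so leaking its database reveals no secret.
type Server struct{ users map[string]ed25519.PublicKey }
func NewServer(user string, pub ed25519.PublicKey) *Server {
	return &Server{users: map[string]ed25519.PublicKey{user: pub}}
}
// Challenge returns a fresh random nonce; a signature over an old one is useless.
func (s *Server) Challenge() []byte {
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		panic(err)
	}
	return c
}

// Verify checks the response against the public key registered for that user.
func (s *Server) Verify(user string, challenge, sig []byte) bool {
	pub, ok := s.users[user]
	return ok && ed25519.Verify(pub, challenge, sig)
}
```

A signature captured from one login is useless for the next because the server picks a new nonce each time, and a stolen server database yields only public keys.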