I don’t get it, can someone please explain?

Autofill in the browser is more convenient and safer, and 2 Apps only double the attack surface, no?

Then the Browser Extension offers “biometric” unlocking via Windows Hello, which requires the Desktop-App to be unlocked at all times. And TPM 2.0 or not, you can simply reset the Windows Hello PIN in the Windows Settings?

What do you do to unlock your Vaults? I use a PIN to unlock the Extension after 15 Minutes, Masterpassword after restarting the Browser, but might remove the PIN and only use the Masterpassword on Browser start. On Android I use a PIN (System) and biometrics (BW-App).

On the Bitwarden Websites it says a PIN is less secure than the Masterpassword, I asked support about this, but did not get a clear answer. How is it less safe and on what platforms?

Regarding Argon2id they also wrote “not following the recommendation could corrupt your vault data.” But did not explain in what way, also did not answer any follow-up questions.

I use the following values and never had any issues or lengthy unlock times:

Argon2id 
1024 MB
5 iterations
4 parallelism

And yes, I know that I can do whatever I want and that it’s up to my security-needs, very cool. But also it would be nice to somewhat understand that stuff, especially if I could compromise the Vault.