That's what I do, but you still have to change the default Bitwarden behavior to match on host rather than base domain.
replyMatching on base domain as the default was surprising to me when I started using Bitwarden... treating subdomains as the same seems dangerous.
It's probably a convenience feature. Tons of sites out there that start on www then bounce you to secure2.bank.com then to auth. and now you're on www2.bank.com and for some inexplicable reason need to type your login again.
replyActually it's mostly financial institutions that I've seen this happen with. Have to wonder if they all share the same web auth library that runs on the Z mainframe, or there's some arcane page of the SOC2 guide that mandates a minimum of 3 redirects to confuse the man in the middle.
This is the way. You can even do it with mDNS.
reply