
What are you using then? Because Bitwarden also requires an additional secret.


Not sure what you are using, because my Bitwarden does not have a secondary key.


What is the primary login method? Because I'm using SSO, and it still requires a master password.


A master password isn’t what we’re talking about though.

1Password, last I used it, asked for a master and a secret extra password. I still cannot explain why.

Granted my setup was for corporate but I am pretty sure it’s the same for everyone.

My best guess is that they are trying to cover for weak masters in the way that LastPass was enforcing but failing to update their PBKDF2 iterations.

Which IMO is stupid and a failure to enforce best practices at the user’s first input.


Something like "reenter your password to check you know what you're typing"?



