Inactive 2FA report and subdomains

Feature name

Inactive 2FA report should handle subdomains.

Feature function

  • What will this feature do differently?

If has a recommendation for, but my URI is, it does not match.

I imported logins from my browser to the vault and ran the inactive 2FA report.

My docker login had no 2FA entry, but this was missed in the inactive 2FA report.

The URI I imported was

Changing this to triggered a recommendation in the report.

  • What benefits will this feature bring?

I’m certain that many premium users are missing recommendations.

Also, I can’t find documentation warning of this behavior.

Related topics + references

  • Are there any related topics that may help explain the need and function of this feature?

  • Are there any references to this feature or function on other platforms that may be helpful?


If the host given to doesn’t match, and contains multiple subdomains, the platform could:

  • Remove one label and retry

If does not have a match, search for,, etc. until you reach the second level domain.

  • Just check the second level domain

If does not match, just check the second level domain

Either would overcome the mismatch problem and alert more users of inactive 2fa logins.