Passwordless/weak + 2FA login secure?

Oh, I use KeePass for many years now.
Bitwarden usage for me was to be able to explain that to my family as I try to convince them to use a password safe.

As I understand right now I can provide / recommend my family:

  • Get a BW family account to take the premium costs from them - done
  • Recommend them to use a strong master password (explaining passphrases) - done
  • Provide and setup Yubikeys to them - done
  • Set timeout to never and lock at the PC browser add-on as otherwise you actually have to type the strong masterpassword 2 times when using Yubikeys in addition (reference thread) - seriously you can’t explain the 2*repeated strong password input to someone you want to convince using a software.
  • Set timeout to ~5 minutes and lock + user fingerprint to unlock at the mobile app.

However I’m not comfortable with the latter two items.
And the Yubikeys could be used better in my opinion without sacrificing convenience too much.