I'm still confused... Why can't headless Chrome with Bitwarden easily by-pass this? What private key?