Mostly, you are right.
But strictly, it is not a password for authentication, but just an encryption key, so the user is only asked to enter it when changing browsers, for example.
This is because it is usually not recommended to store passwords in localStorage, etc., but with an encryption key it is considered possib le.

I think in bitwarden it is called "master password".🤔