Perhaps just an old ipnone or android with a fingerprint sensor and another installation of bitwarden. You can keep the phone's passcode written down because its only use is to start the device. Then configure biometric log-in for bitwarden as an alternative to a distinct passphrase. In the event of a total blank, you should still have access as long as you retain a finger.
That's why I said write down the passcode and keep it with the device. The device itself isn't important because you're not keeping anything on it. Bitwarden encrypts everything itself. To my knowledge, once you enable biometrics in bitwarden, you will not need to use the master passphrase.
Not the person you responded too, but I imagine you could likely get a custom firmware to allow biometrics whenever, if you can replace the kernel, you can generally make the device behave however you'd like.
