From a threat-modeling perspective, this exposes users to risks such as:

-Local email collection from an unlocked or compromised endpoint;
-Abuse of an already-authenticated session;
-Bypassing MFA through session reuse;
-Insider or shared-device access;
-“Evil maid” style access where someone briefly uses an unattended machine;
-Malware or remote-access tools interacting with an already-unlocked mail client
-Account takeover escalation through password reset emails and recovery links.

Please add:

- Require PIN, password, or Windows Hello when launching Proton Mail Desktop
Auto-lock after configurable inactivity;
- Lock when minimized, when the computer sleeps, or when the screen is locked;
- Optional lock on app close/reopen;
- Optional clearing or protection of local cached mail data;

Users should not have to fully sign out and clear application data every time just to prevent casual or opportunistic access. A privacy-first mail client needs a first-class local app lock.

There is now a PIN lock option on the Android Proton Mail app. Why not also the desktop Windows app?!?

just moved to proton as a paying user as a long time user of Tuta. This gap is fairly horrific and surprising for a privacy focused offering. Tuta has this feature front and centre. Anyone who gains access to the machine Physical, or RAT or whatever has unfettered access to all email. This is basic 101 security and critical for the windows client. Without this , for windows users atleast, its just another mail offering and important enough for pause for thought.

very unsecure without autolock in Proton Mail Windows ! All proton settings are exposed if you forget logout even after un computer reboot. Unbelivable :-( i stop now using it and return to web app until autolock.

fonction indispensable pour une suite logicielle visant la cybersécurité !!

I need this improvment.

This is a must have for me, I don't want to use the Proton Mail app on my work computer without this feature

Been missing this feature since day 1 when u downloaded the mail trugh browser and made it an app!XD just saying privacy first! n00t c00l to n00t have iT! 0r the option to do so! if u have some1 sniffing in the hearth of ur sytem! XD Both on startup and after inactivity, PLZ!

This should be a no brainer to make. All your other products have this security feature, including android app for mail. Why don't you have this for the mail desktop app?

Please, Proton Team, add it already!
Use the same system as with Pass, it works perfectly.

This is a critical feature and i don't understand why this is not implemented by default. Please add it...

The Proton mail web app needs the same pin lock as the Pass web app, as soon as possible. This should be as standard for a secure mail app.

For users that count on Proton apps for security and privacy, I believe adding a feature to authenticate after minimizing, restarting or rebooting the system is critical especially if one happens
to forget to log off, anything could happen. At a minimum a PIN (like in Pass) or bio / 2FA. Much less burden than having to log off and on again.

Please add option to password-protect deskop mail app after some time of inactivity.
Ideally it could work just like Proton Pass.

Otherwise I suggest that first login per session requires greater protection (such as 2FA or whatever) and then you only need to enter password or 6-digit PIN (as in Pass) to unlock the app after inactivity.

Should be implemented on all Proton applications…ESPECIALLY MAIL!

This needs to be implemented across the board. Same for Linux and MacOS

This is the ONLY reason I don't use the desktop app. I simply don't understand how this wasn't implemented. I would imagine a windows machine is less secure than my iPhone and yet the phone has a pin function.

I know it's perfectly possible to have this feature as other windows apps do, so come on Proton, get this sorted. So disappointing from a security focused company.

For this reason, I've installed Tutamail to see what I think of it. Oh look, there's a lock feature. I will certainly keep Proton but looks like I'll also use tuta too.

Seems like a no-brainer. Same security level everywhere. And sometimes I don't carry my desktop with me.

It would be nice if the Proton Mail Desktop App could lock like the Proton Pass Desktop App.

Was shocked when I found out the app stayed logged in to my account even after restarting the PC. Please add the option to autolock the app after some time and also after turning the PC off and on.