Hi Proton Team and Community,

I would like to raise a security-related suggestion regarding Proton Drive’s session management.

Currently, Proton Drive maintains a persistent login session, which is convenient from a usability standpoint. However, in certain scenarios, especially when dealing with sensitive or confidential documents, this behavior can pose a security risk.

Unlike tools such as Cryptomator, which require authentication (e.g., PIN or password) every time the application is accessed, Proton Drive does not currently offer an option for an additional local authentication layer or automatic lock on device access.

You guys already do this with proton pass.

Suggestion:
It would be highly valuable to have an optional feature such as:

A local PIN or password lock when opening Proton Drive
An auto-lock after inactivity (configurable timeout)
A requirement to re-authenticate on device unlock or app reopen

This would significantly enhance security, particularly for:

Shared or occasionally accessed devices
Work environments handling sensitive data
Users who prioritize stricter session control over convenience

Importantly, this should be an optional setting, allowing users to choose between convenience and stricter access control.

I believe this feature would align well with Proton’s strong privacy and security positioning.

Thank you for considering this suggestion.