I am posting this idea for my dad who uses LastPass on a Windows 10 desktop computer. He would like LastPass to automatically log his session out when he closes the browser, shuts down the computer, or abruptly powers off the machine, but only if a configurable amount of time has passed. He is worried that if someone were to steal his computer, they could use the fact that LastPass automatically logs in when starting up to see all of his passwords. He has the advanced setting for "Website Auto Logoff" set to 5 minutes. I looked at the description of that setting and it says the following when clicking on the i/info icon:

Automatically log out of the LastPass.com website, but not browser extensions, after the selected period of time. To automatically log out the extension, change your extension preferences.

On my dad's computer, he noticed the following inconsistent behavior between shutting down his browser and restarting it and shutting down his computer, restarting his computer, and then starting the browser. When he shut down his browser for at least 5 minutes and then relaunched the browser, LastPass did not automatically log in and he had to relog into LastPass. However, when he shut down his laptop, waited at least 5 minutes, powered on the machine, and started the browser, LastPass automatically logged him in. He thinks the second scenario should work like the first and require a new logon. I tested the same scenarios on my laptop with his userid and got different behavior. In both scenarios, LastPass automatically logged in. I think the difference between our systems might have something to do with our LastPass extension preferences, but I am not sure.

My dad feels very strongly about what he perceives to be an issue. Is there a setting or something to cause LastPass to require a new logon when shutting down the computer for a configurable amount of time such as 5 minutes, powering the machine back on, and restarting the browser? I think the setting he may want to use is the extension preference for, "Log out when all browsers are closed". However, I think this setting will only log out if he is not logged into LastPass on any of his other browsers. Is that what this setting means? Also, he would like to be able to reboot his computer, relaunch the browser, and have LastPass automatically log in unless a configurable amount of time has passed. (He had the "Website Auto Logoff" set to 5 minutes thinking that would force the automatic logout to be 5 minutes when shutting down the browser or rebooting the computer, but that setting didn't help).

I am a premium LastPass user that previously opened a ticket on my dad's behalf, and the support person that responded suggested I suggest an idea on this forum.

Thank you,
Peter