Norton Password Manager does not automatically lock the vault after a period of inactivity. As long as the browser stays open, the vault can remain unlocked, which is a serious security risk for a password manager storing highly sensitive credentials.

This is particularly concerning when:

• a user forgets to close the browser

• the system is left unattended

• multiple people have access to the same computer

Options like “always ask for the vault password” and disabling “keep my vault unlocked for 7 days” do not fully address the risk. A configurable inactivity-based auto-lock feature is needed to meet modern security standards.

I strongly encourage Norton to add this feature to improve Password Manager security.

Bitwarden
https://bitwarden.com/help/vault-timeout/

Thank you for the reference.

This is exactly my point.
Bitwarden clearly demonstrates that a configurable inactivity-based vault timeout is an industry standard for password managers.
The absence of such a feature in Norton Password Manager is not a usability issue but a genuine security gap.
I hope this will be taken into account by the product team.

I’ll have this thread moved to the Product Suggestions forum board.