When you open TB it checks accounts for new mail. To check for new mail requires the account password, which is what triggers the request for the primary password.

Thanks for the explanation how the system works, but this does not explain why it has to work like that.

Why can't TB check the email, with the password, without exposing it (the password) to the user?

Just a comment here: Once TB starts, messages that have already been retrieved are viewable. To protect privacy, the primary password must be entered at the time TB starts.

I don’t want to protect my e-mails, I want to protect my passwords.

Current situation:

• No primary password = passwords are visible in the settings, TB is open without password
• Primary password = passwords are locked with password in settings, TB is locked with password

Desired situation:

• passwords are locked with password in settings, TB is open without password

I understand. However, many/most users who set the primary passwords DO want to protect their messages and those persons use the primary password for that. What you have is a suggested change, and this site is primarily for support. You may want to pursue this by getting involved in Thunderbird development. I cannot help you in this. Good luck.

Just a comment here: Once TB starts, messages that have already been retrieved are viewable. To protect privacy, the primary password must be entered at the time TB starts.

This is a common misconception. But primary password does not, and is not intended to, protect viewing of messages which have already been downloaded.

@David, thanks. How can I make a feature request for this?

I think the main approach would be to report it as a bug, a feature not 'working' yet. That would be at https://bugzilla.mozilla.org/home . Good luck.