The first time the app is closed, it ASKS if we would like to actually close the app, or just minimize it to the system tray. It doesn't really explain any benefits to having the app running in the background all the time, so I can't see a reason to give it non-stop CPU time, or a possible security hole where malicious apps could try to access it it memory. So, since I didn't see any benefits, and only possible issues, choosing to have the app fully close seems to be the logical decision.
That choice is ignored.
Instead of actually closing the app as requested, it does the exact thing it was just asked not to do, and minimizes to the system tray anyway. Then, seemingly as punishment for someone daring to want to close the app, it signs the user out of the app so that they will have to re-sign back in, and re-2FA, and then pops up the above notification.
I can understand the argument being that it's not punitive, but instead it's for security, but wouldn't it be MORE secure to fully close the app? When I close an app, I shouldn't have to track it down in the system tray and close it again, or find it in Task Manager and have to End Task it, it should just close.
The only reason I can think of for continuing to stay running after the user closes the app is because the app is gathering metrics and user data an exfiltrating it back to LastPass. If that's true, then that would move it from the "Security app" category, to the "malware" app category. Is there another reason for this behavior?
