Currently, while logged in users need only enter their wallet password again when sending out coins from the Bisq wallet, which makes sense.
However, considering that users need to leave Bisq open for offers to be accepted, it would be good security UX practice to offer users a setting option to require entering the Bisq wallet password on several high-security actions:
- Creating new accounts
- Submitting offers to the network
Thoughts or additional actions to add to the list welcome.