Comment 337 for bug 195698

(In reply to comment #211)
> - check to see if the profile has a master password
> - if it does, ask the user for their password before restoring the session

I strongly oppose such a solution if we don't know in what situations the master password is actually going to be required (AFAICT it's mostly related to proxies, HTTP basic auth and secure sites where we don't save cookies). Without a more fine-grained wall-paper patch, this might well make the master password feature unusable for people who've set Firefox to "Show [all] windows and tabs from last time".

Secondly, you also get multiple prompts without a master password set, and we couldn't work around those inside SessionStore.

Finally: Adjusting the summary to indicate that this isn't Session Restore specific at all (that seems just the most common situation in which this issue arises).