Merge branch 'feature/refactored-unlock' into develop

main/commons/src/main/java/org/cryptomator/common/settings/VaultSettings.java

@@ -26,7 +26,6 @@ import java.util.Random;
 
 /**
  * The settings specific to a single vault.
- * TODO: Change the name of individualMountPath and its derivatives to customMountPath
  */
 public class VaultSettings {
 
@@ -36,6 +35,7 @@ public class VaultSettings {
 	public static final boolean DEFAULT_USES_READONLY_MODE = false;
 	public static final String DEFAULT_MOUNT_FLAGS = "";
 	public static final int DEFAULT_FILENAME_LENGTH_LIMIT = -1;
+	public static final WhenUnlocked DEFAULT_ACTION_AFTER_UNLOCK = WhenUnlocked.ASK;
 	
 	private static final Random RNG = new Random(); 
 
@@ -45,11 +45,12 @@ public class VaultSettings {
 	private final StringProperty winDriveLetter = new SimpleStringProperty();
 	private final BooleanProperty unlockAfterStartup = new SimpleBooleanProperty(DEFAULT_UNLOCK_AFTER_STARTUP);
 	private final BooleanProperty revealAfterMount = new SimpleBooleanProperty(DEFAULT_REAVEAL_AFTER_MOUNT);
-	private final BooleanProperty usesIndividualMountPath = new SimpleBooleanProperty(DEFAULT_USES_INDIVIDUAL_MOUNTPATH);
-	private final StringProperty individualMountPath = new SimpleStringProperty();
+	private final BooleanProperty useCustomMountPath = new SimpleBooleanProperty(DEFAULT_USES_INDIVIDUAL_MOUNTPATH);
+	private final StringProperty customMountPath = new SimpleStringProperty();
 	private final BooleanProperty usesReadOnlyMode = new SimpleBooleanProperty(DEFAULT_USES_READONLY_MODE);
 	private final StringProperty mountFlags = new SimpleStringProperty(DEFAULT_MOUNT_FLAGS);
 	private final IntegerProperty filenameLengthLimit = new SimpleIntegerProperty(DEFAULT_FILENAME_LENGTH_LIMIT);
+	private final ObjectProperty<WhenUnlocked> actionAfterUnlock = new SimpleObjectProperty<>(DEFAULT_ACTION_AFTER_UNLOCK);
 
 	public VaultSettings(String id) {
 		this.id = Objects.requireNonNull(id);
@@ -58,7 +59,7 @@ public class VaultSettings {
 	}
 
 	Observable[] observables() {
-		return new Observable[]{path, mountName, winDriveLetter, unlockAfterStartup, revealAfterMount, usesIndividualMountPath, individualMountPath, usesReadOnlyMode, mountFlags, filenameLengthLimit};
+		return new Observable[]{path, mountName, winDriveLetter, unlockAfterStartup, revealAfterMount, useCustomMountPath, customMountPath, usesReadOnlyMode, mountFlags, filenameLengthLimit, actionAfterUnlock};
 	}
 
 	private void deriveMountNameFromPath(Path path) {
@@ -122,17 +123,17 @@ public class VaultSettings {
 		return revealAfterMount;
 	}
 
-	public BooleanProperty usesIndividualMountPath() {
-		return usesIndividualMountPath;
+	public BooleanProperty useCustomMountPath() {
+		return useCustomMountPath;
 	}
 
-	public StringProperty individualMountPath() {
-		return individualMountPath;
+	public StringProperty customMountPath() {
+		return customMountPath;
 	}
 
-	public Optional<String> getIndividualMountPath() {
-		if (usesIndividualMountPath.get()) {
-			return Optional.ofNullable(Strings.emptyToNull(individualMountPath.get()));
+	public Optional<String> getCustomMountPath() {
+		if (useCustomMountPath.get()) {
+			return Optional.ofNullable(Strings.emptyToNull(customMountPath.get()));
 		} else {
 			return Optional.empty();
 		}
@@ -150,6 +151,14 @@ public class VaultSettings {
 		return filenameLengthLimit;
 	}
 
+	public ObjectProperty<WhenUnlocked> actionAfterUnlock() {
+		return actionAfterUnlock;
+	}
+
+	public WhenUnlocked getActionAfterUnlock() {
+		return actionAfterUnlock.get();
+	}
+
 	/* Hashcode/Equals */
 
 	@Override

main/commons/src/main/java/org/cryptomator/common/settings/VaultSettingsJsonAdapter.java

@@ -25,11 +25,12 @@ class VaultSettingsJsonAdapter {
 		out.name("winDriveLetter").value(value.winDriveLetter().get());
 		out.name("unlockAfterStartup").value(value.unlockAfterStartup().get());
 		out.name("revealAfterMount").value(value.revealAfterMount().get());
-		out.name("usesIndividualMountPath").value(value.usesIndividualMountPath().get());
-		out.name("individualMountPath").value(value.individualMountPath().get());
+		out.name("useCustomMountPath").value(value.useCustomMountPath().get());
+		out.name("customMountPath").value(value.customMountPath().get());
 		out.name("usesReadOnlyMode").value(value.usesReadOnlyMode().get());
 		out.name("mountFlags").value(value.mountFlags().get());
 		out.name("filenameLengthLimit").value(value.filenameLengthLimit().get());
+		out.name("actionAfterUnlock").value(value.actionAfterUnlock().get().name());
 		out.endObject();
 	}
 
@@ -37,14 +38,15 @@ class VaultSettingsJsonAdapter {
 		String id = null;
 		String path = null;
 		String mountName = null;
-		String individualMountPath = null;
+		String customMountPath = null;
 		String winDriveLetter = null;
 		boolean unlockAfterStartup = VaultSettings.DEFAULT_UNLOCK_AFTER_STARTUP;
 		boolean revealAfterMount = VaultSettings.DEFAULT_REAVEAL_AFTER_MOUNT;
-		boolean usesIndividualMountPath = VaultSettings.DEFAULT_USES_INDIVIDUAL_MOUNTPATH;
+		boolean useCustomMountPath = VaultSettings.DEFAULT_USES_INDIVIDUAL_MOUNTPATH;
 		boolean usesReadOnlyMode = VaultSettings.DEFAULT_USES_READONLY_MODE;
 		String mountFlags = VaultSettings.DEFAULT_MOUNT_FLAGS;
 		int filenameLengthLimit = VaultSettings.DEFAULT_FILENAME_LENGTH_LIMIT;
+		WhenUnlocked actionAfterUnlock = VaultSettings.DEFAULT_ACTION_AFTER_UNLOCK;
 
 		in.beginObject();
 		while (in.hasNext()) {
@@ -69,10 +71,12 @@ class VaultSettingsJsonAdapter {
 					revealAfterMount = in.nextBoolean();
 					break;
 				case "usesIndividualMountPath":
-					usesIndividualMountPath = in.nextBoolean();
+				case "useCustomMountPath":
+					useCustomMountPath = in.nextBoolean();
 					break;
 				case "individualMountPath":
-					individualMountPath = in.nextString();
+				case "customMountPath":
+					customMountPath = in.nextString();
 					break;
 				case "usesReadOnlyMode":
 					usesReadOnlyMode = in.nextBoolean();
@@ -83,6 +87,9 @@ class VaultSettingsJsonAdapter {
 				case "filenameLengthLimit":
 					filenameLengthLimit = in.nextInt();
 					break;
+				case "actionAfterUnlock":
+					actionAfterUnlock = parseActionAfterUnlock(in.nextString());
+					break;
 				default:
 					LOG.warn("Unsupported vault setting found in JSON: " + name);
 					in.skipValue();
@@ -97,12 +104,22 @@ class VaultSettingsJsonAdapter {
 		vaultSettings.winDriveLetter().set(winDriveLetter);
 		vaultSettings.unlockAfterStartup().set(unlockAfterStartup);
 		vaultSettings.revealAfterMount().set(revealAfterMount);
-		vaultSettings.usesIndividualMountPath().set(usesIndividualMountPath);
-		vaultSettings.individualMountPath().set(individualMountPath);
+		vaultSettings.useCustomMountPath().set(useCustomMountPath);
+		vaultSettings.customMountPath().set(customMountPath);
 		vaultSettings.usesReadOnlyMode().set(usesReadOnlyMode);
 		vaultSettings.mountFlags().set(mountFlags);
 		vaultSettings.filenameLengthLimit().set(filenameLengthLimit);
+		vaultSettings.actionAfterUnlock().set(actionAfterUnlock);
 		return vaultSettings;
 	}
 
+	private WhenUnlocked parseActionAfterUnlock(String actionAfterUnlockName) {
+		try {
+			return WhenUnlocked.valueOf(actionAfterUnlockName.toUpperCase());
+		} catch (IllegalArgumentException e) {
+			LOG.warn("Invalid action after unlock {}. Defaulting to {}.", actionAfterUnlockName, VaultSettings.DEFAULT_ACTION_AFTER_UNLOCK);
+			return VaultSettings.DEFAULT_ACTION_AFTER_UNLOCK;
+		}
+	}
+
 }

main/commons/src/main/java/org/cryptomator/common/settings/VolumeImpl.java

@@ -1,7 +1,5 @@
 package org.cryptomator.common.settings;
 
-import java.util.Arrays;
-
 public enum VolumeImpl {
 	WEBDAV("WebDAV"),
 	FUSE("FUSE"),
@@ -17,18 +15,4 @@ public enum VolumeImpl {
 		return displayName;
 	}
 
-	/**
-	 * Finds a VolumeImpl by display name.
-	 *
-	 * @param displayName Display name of the VolumeImpl
-	 * @return VolumeImpl with the given <code>displayName</code>.
-	 * @throws IllegalArgumentException if not volumeImpl with the given <code>displayName</code> was found.
-	 */
-	public static VolumeImpl forDisplayName(String displayName) throws IllegalArgumentException {
-		return Arrays.stream(values()) //
-				.filter(impl -> impl.displayName.equals(displayName)) //
-				.findAny() //
-				.orElseThrow(IllegalArgumentException::new);
-	}
-
 }

main/commons/src/main/java/org/cryptomator/common/settings/WebDavUrlScheme.java

@@ -1,7 +1,5 @@
 package org.cryptomator.common.settings;
 
-import java.util.Arrays;
-
 public enum WebDavUrlScheme {
 	DAV("dav", "dav:// (Gnome, Nautilus, ...)"),
 	WEBDAV("webdav", "webdav:// (KDE, Dolphin, ...)");
@@ -20,18 +18,4 @@ public enum WebDavUrlScheme {
 	public String getDisplayName() {
 		return displayName;
 	}
-
-	/**
-	 * Finds a WebDavUrlScheme by prefix.
-	 *
-	 * @param prefix Prefix of the WebDavUrlScheme
-	 * @return WebDavUrlScheme with the given <code>prefix</code>.
-	 * @throws IllegalArgumentException if not WebDavUrlScheme with the given <code>prefix</code> was found.
-	 */
-	public static WebDavUrlScheme forPrefix(String prefix) throws IllegalArgumentException {
-		return Arrays.stream(values()) //
-				.filter(impl -> impl.prefix.equals(prefix)) //
-				.findAny() //
-				.orElseThrow(IllegalArgumentException::new);
-	}
 }

main/commons/src/main/java/org/cryptomator/common/settings/WhenUnlocked.java

@@ -0,0 +1,17 @@
+package org.cryptomator.common.settings;
+
+public enum WhenUnlocked {
+	IGNORE("vaultOptions.general.actionAfterUnlock.ignore"),
+	REVEAL("vaultOptions.general.actionAfterUnlock.reveal"),
+	ASK("vaultOptions.general.actionAfterUnlock.ask");
+
+	private String displayName;
+
+	WhenUnlocked(String displayName) {
+		this.displayName = displayName;
+	}
+
+	public String getDisplayName() {
+		return displayName;
+	}
+}

main/commons/src/main/java/org/cryptomator/common/vaults/DokanyVolume.java

@@ -51,7 +51,7 @@ public class DokanyVolume implements Volume {
 		try {
 			this.mount = mountFactory.mount(fs.getPath("/"), mountPoint, mountName, FS_TYPE_NAME, mountFlags.strip());
 		} catch (MountFailedException e) {
-			if (vaultSettings.getIndividualMountPath().isPresent()) {
+			if (vaultSettings.getCustomMountPath().isPresent()) {
 				LOG.warn("Failed to mount vault into {}. Is this directory currently accessed by another process (e.g. Windows Explorer)?", mountPoint);
 			}
 			throw new VolumeException("Unable to mount Filesystem", e);
@@ -59,7 +59,7 @@ public class DokanyVolume implements Volume {
 	}
 
 	private Path determineMountPoint() throws VolumeException, IOException {
-		Optional<String> optionalCustomMountPoint = vaultSettings.getIndividualMountPath();
+		Optional<String> optionalCustomMountPoint = vaultSettings.getCustomMountPath();
 		if (optionalCustomMountPoint.isPresent()) {
 			Path customMountPoint = Paths.get(optionalCustomMountPoint.get());
 			checkProvidedMountPoint(customMountPoint);

main/commons/src/main/java/org/cryptomator/common/vaults/FuseVolume.java

@@ -45,7 +45,7 @@ public class FuseVolume implements Volume {
 
 	@Override
 	public void mount(CryptoFileSystem fs, String mountFlags) throws IOException, FuseNotSupportedException, VolumeException {
-		Optional<String> optionalCustomMountPoint = vaultSettings.getIndividualMountPath();
+		Optional<String> optionalCustomMountPoint = vaultSettings.getCustomMountPath();
 		if (optionalCustomMountPoint.isPresent()) {
 			Path customMountPoint = Paths.get(optionalCustomMountPoint.get());
 			checkProvidedMountPoint(customMountPoint);

main/commons/src/main/java/org/cryptomator/common/vaults/Vault.java

@@ -121,7 +121,7 @@ public class Vault {
 	}
 
 	public synchronized void unlock(CharSequence passphrase) throws CryptoException, IOException, Volume.VolumeException {
-		if (vaultSettings.usesIndividualMountPath().get() && Strings.isNullOrEmpty(vaultSettings.individualMountPath().get())) {
+		if (vaultSettings.useCustomMountPath().get() && Strings.isNullOrEmpty(vaultSettings.customMountPath().get())) {
 			throw new NotDirectoryException("");
 		}
 		CryptoFileSystem fs = getCryptoFileSystem(passphrase);

main/commons/src/test/java/org/cryptomator/common/settings/VaultSettingsJsonAdapterTest.java

@@ -16,7 +16,6 @@ import java.io.IOException;
 import java.io.StringReader;
 import java.io.StringWriter;
 import java.nio.file.Paths;
-import java.util.Arrays;
 
 public class VaultSettingsJsonAdapterTest {
 
@@ -32,7 +31,7 @@ public class VaultSettingsJsonAdapterTest {
 		Assertions.assertEquals(Paths.get("/foo/bar"), vaultSettings.path().get());
 		Assertions.assertEquals("test", vaultSettings.mountName().get());
 		Assertions.assertEquals("X", vaultSettings.winDriveLetter().get());
-		Assertions.assertEquals("/home/test/crypto", vaultSettings.individualMountPath().get());
+		Assertions.assertEquals("/home/test/crypto", vaultSettings.customMountPath().get());
 		Assertions.assertEquals("--foo --bar", vaultSettings.mountFlags().get());
 
 

main/ui/src/main/java/org/cryptomator/ui/addvaultwizard/AddVaultModule.java

@@ -21,6 +21,7 @@ import org.cryptomator.ui.common.FxmlFile;
 import org.cryptomator.ui.common.FxmlScene;
 import org.cryptomator.ui.common.NewPasswordController;
 import org.cryptomator.ui.common.PasswordStrengthUtil;
+import org.cryptomator.ui.common.StageFactory;
 import org.cryptomator.ui.mainwindow.MainWindow;
 import org.cryptomator.ui.recoverykey.RecoveryKeyDisplayController;
 
@@ -51,13 +52,12 @@ public abstract class AddVaultModule {
 	@Provides
 	@AddVaultWizardWindow
 	@AddVaultWizardScoped
-	static Stage provideStage(@MainWindow Stage owner, ResourceBundle resourceBundle, @Named("windowIcons") List<Image> windowIcons) {
-		Stage stage = new Stage();
+	static Stage provideStage(StageFactory factory, @MainWindow Stage owner, ResourceBundle resourceBundle) {
+		Stage stage = factory.create();
 		stage.setTitle(resourceBundle.getString("addvaultwizard.title"));
 		stage.setResizable(false);
 		stage.initModality(Modality.WINDOW_MODAL);
 		stage.initOwner(owner);
-		stage.getIcons().addAll(windowIcons);
 		return stage;
 	}
 

main/ui/src/main/java/org/cryptomator/ui/addvaultwizard/AddVaultSuccessController.java

@@ -27,7 +27,7 @@ public class AddVaultSuccessController implements FxController {
 	@FXML
 	public void unlockAndClose() {
 		close();
-		fxApplication.showUnlockWindow(vault.get());
+		fxApplication.startUnlockWorkflow(vault.get());
 	}
 
 	@FXML

main/ui/src/main/java/org/cryptomator/ui/changepassword/ChangePasswordModule.java

@@ -18,6 +18,7 @@ import org.cryptomator.ui.common.FxmlFile;
 import org.cryptomator.ui.common.FxmlScene;
 import org.cryptomator.ui.common.NewPasswordController;
 import org.cryptomator.ui.common.PasswordStrengthUtil;
+import org.cryptomator.ui.common.StageFactory;
 
 import javax.inject.Named;
 import javax.inject.Provider;
@@ -46,13 +47,12 @@ abstract class ChangePasswordModule {
 	@Provides
 	@ChangePasswordWindow
 	@ChangePasswordScoped
-	static Stage provideStage(@Named("changePasswordOwner") Stage owner, ResourceBundle resourceBundle, @Named("windowIcons") List<Image> windowIcons) {
-		Stage stage = new Stage();
+	static Stage provideStage(StageFactory factory, @Named("changePasswordOwner") Stage owner, ResourceBundle resourceBundle) {
+		Stage stage = factory.create();
 		stage.setTitle(resourceBundle.getString("changepassword.title"));
 		stage.setResizable(false);
 		stage.initModality(Modality.WINDOW_MODAL);
 		stage.initOwner(owner);
-		stage.getIcons().addAll(windowIcons);
 		return stage;
 	}
 

main/ui/src/main/java/org/cryptomator/ui/common/StageFactory.java

@@ -0,0 +1,26 @@
+package org.cryptomator.ui.common;
+
+import javafx.stage.Stage;
+import javafx.stage.StageStyle;
+
+import java.util.function.Consumer;
+
+public class StageFactory {
+
+	private final Consumer<Stage> initializer;
+
+	public StageFactory(Consumer<Stage> initializer) {
+		this.initializer = initializer;
+	}
+	
+	public Stage create() {
+		return create(StageStyle.DECORATED);
+	}
+	
+	public Stage create(StageStyle stageStyle) {
+		Stage stage = new Stage(stageStyle);
+		initializer.accept(stage);
+		return stage;
+	}
+
+}

main/ui/src/main/java/org/cryptomator/ui/common/UserInteractionLock.java

@@ -0,0 +1,51 @@
+package org.cryptomator.ui.common;
+
+import javafx.application.Platform;
+import javafx.beans.property.BooleanProperty;
+import javafx.beans.property.ReadOnlyBooleanProperty;
+import javafx.beans.property.SimpleBooleanProperty;
+
+import java.util.concurrent.locks.Condition;
+import java.util.concurrent.locks.Lock;
+import java.util.concurrent.locks.ReentrantLock;
+
+public class UserInteractionLock<E extends Enum> {
+
+	private final Lock lock = new ReentrantLock();
+	private final Condition condition = lock.newCondition();
+	private final BooleanProperty awaitingInteraction = new SimpleBooleanProperty();
+	private volatile E state;
+	
+	public UserInteractionLock(E initialValue) {
+		state = initialValue;
+	}
+	
+	public void interacted(E result) {
+		assert Platform.isFxApplicationThread();
+		lock.lock();
+		try {
+			state = result;
+			awaitingInteraction.set(false);
+			condition.signal();
+		} finally {
+			lock.unlock();
+		}
+	}
+	
+	public E awaitInteraction() throws InterruptedException {
+		assert !Platform.isFxApplicationThread();
+		lock.lock();
+		try {
+			Platform.runLater(() -> awaitingInteraction.set(true));
+			condition.await();
+			return state;
+		} finally {
+			lock.unlock();
+		}
+	}
+	
+	public ReadOnlyBooleanProperty awaitingInteraction() {
+		return awaitingInteraction;
+	}
+
+}

main/ui/src/main/java/org/cryptomator/ui/common/VaultService.java

@@ -52,62 +52,6 @@ public class VaultService {
 		return task;
 	}
 
-	/**
-	 * Attempts to unlock all given vaults in a background thread using passwords stored in the system keychain.
-	 *
-	 * @param vaults The vaults to unlock
-	 * @implNote No-op if no system keychain is present
-	 */
-	public void attemptAutoUnlock(Collection<Vault> vaults) {
-		if (!keychain.isPresent()) {
-			LOG.debug("No system keychain found. Unable to auto unlock without saved passwords.");
-		} else {
-			List<Task<Vault>> unlockTasks = vaults.stream().map(v -> createAutoUnlockTask(v, keychain.get())).collect(Collectors.toList());
-			Task<Collection<Vault>> runSequentiallyTask = new RunSequentiallyTask(unlockTasks);
-			executorService.execute(runSequentiallyTask);
-		}
-	}
-
-	/**
-	 * Creates but doesn't start an auto-unlock task.
-	 *
-	 * @param vault The vault to unlock
-	 * @param keychainAccess The system keychain holding the passphrase for the vault
-	 * @return The task
-	 */
-	public Task<Vault> createAutoUnlockTask(Vault vault, KeychainAccess keychainAccess) {
-		Task<Vault> task = new AutoUnlockVaultTask(vault, keychainAccess);
-		task.setOnSucceeded(evt -> LOG.info("Auto-unlocked {}", vault.getDisplayableName()));
-		task.setOnFailed(evt -> LOG.error("Failed to auto-unlock " + vault.getDisplayableName(), evt.getSource().getException()));
-		return task;
-	}
-
-	/**
-	 * Unlocks a vault in a background thread
-	 *
-	 * @param vault The vault to unlock
-	 * @param passphrase The password to use - wipe this param asap
-	 * @implNote A copy of the passphrase will be made, which is wiped as soon as the task ran.
-	 */
-	public void unlock(Vault vault, CharSequence passphrase) {
-		executorService.execute(createUnlockTask(vault, passphrase));
-	}
-
-	/**
-	 * Creates but doesn't start an unlock task.
-	 *
-	 * @param vault The vault to unlock
-	 * @param passphrase The password to use - wipe this param asap
-	 * @return The task
-	 * @implNote A copy of the passphrase will be made, which is wiped as soon as the task ran.
-	 */
-	public Task<Vault> createUnlockTask(Vault vault, CharSequence passphrase) {
-		Task<Vault> task = new UnlockVaultTask(vault, passphrase);
-		task.setOnSucceeded(evt -> LOG.info("Unlocked {}", vault.getDisplayableName()));
-		task.setOnFailed(evt -> LOG.error("Failed to unlock " + vault.getDisplayableName(), evt.getSource().getException()));
-		return task;
-	}
-
 	/**
 	 * Locks a vault in a background thread.
 	 *
@@ -209,116 +153,6 @@ public class VaultService {
 		}
 	}
 
-	/**
-	 * A task that runs a list of tasks in their given order
-	 */
-	private static class RunSequentiallyTask extends Task<Collection<Vault>> {
-
-		private final List<Task<Vault>> tasks;
-
-		public RunSequentiallyTask(List<Task<Vault>> tasks) {
-			this.tasks = List.copyOf(tasks);
-		}
-
-		@Override
-		protected List<Vault> call() throws ExecutionException, InterruptedException {
-			List<Vault> completed = new ArrayList<>();
-			for (Task<Vault> task : tasks) {
-				task.run();
-				Vault done = task.get();
-				completed.add(done);
-			}
-			return completed;
-		}
-	}
-
-	private static class AutoUnlockVaultTask extends Task<Vault> {
-
-		private final Vault vault;
-		private final KeychainAccess keychain;
-
-		public AutoUnlockVaultTask(Vault vault, KeychainAccess keychain) {
-			this.vault = vault;
-			this.keychain = keychain;
-		}
-
-		@Override
-		protected Vault call() throws Exception {
-			char[] storedPw = null;
-			try {
-				storedPw = keychain.loadPassphrase(vault.getId());
-				if (storedPw == null) {
-					throw new InvalidPassphraseException();
-				}
-				vault.unlock(CharBuffer.wrap(storedPw));
-			} finally {
-				if (storedPw != null) {
-					Arrays.fill(storedPw, ' ');
-				}
-			}
-			return vault;
-		}
-
-		@Override
-		protected void scheduled() {
-			vault.setState(VaultState.PROCESSING);
-		}
-
-		@Override
-		protected void succeeded() {
-			vault.setState(VaultState.UNLOCKED);
-		}
-
-		@Override
-		protected void failed() {
-			vault.setState(VaultState.LOCKED);
-		}
-	}
-
-	private static class UnlockVaultTask extends Task<Vault> {
-
-		private final Vault vault;
-		private final CharBuffer passphrase;
-
-		/**
-		 * @param vault The vault to unlock
-		 * @param passphrase The password to use - wipe this param asap
-		 * @implNote A copy of the passphrase will be made, which is wiped as soon as the task ran.
-		 */
-		public UnlockVaultTask(Vault vault, CharSequence passphrase) {
-			this.vault = vault;
-			this.passphrase = CharBuffer.allocate(passphrase.length());
-			for (int i = 0; i < passphrase.length(); i++) {
-				this.passphrase.put(i, passphrase.charAt(i));
-			}
-		}
-
-		@Override
-		protected Vault call() throws Exception {
-			try {
-				vault.unlock(passphrase);
-			} finally {
-				Arrays.fill(passphrase.array(), ' ');
-			}
-			return vault;
-		}
-
-		@Override
-		protected void scheduled() {
-			vault.setState(VaultState.PROCESSING);
-		}
-
-		@Override
-		protected void succeeded() {
-			vault.setState(VaultState.UNLOCKED);
-		}
-
-		@Override
-		protected void failed() {
-			vault.setState(VaultState.LOCKED);
-		}
-	}
-
 	/**
 	 * A task that locks a vault
 	 */

main/ui/src/main/java/org/cryptomator/ui/controls/NiceSecurePasswordField.java

@@ -94,8 +94,8 @@ public class NiceSecurePasswordField extends StackPane {
 		passwordField.setPassword(password);
 	}
 
-	public void swipe() {
-		passwordField.swipe();
+	public void wipe() {
+		passwordField.wipe();
 	}
 
 	public void selectAll() {

main/ui/src/main/java/org/cryptomator/ui/controls/SecurePasswordField.java

@@ -40,7 +40,7 @@ import java.util.Arrays;
  */
 public class SecurePasswordField extends TextField {
 
-	private static final char SWIPE_CHAR = ' ';
+	private static final char WIPE_CHAR = ' ';
 	private static final int INITIAL_BUFFER_SIZE = 50;
 	private static final int GROW_BUFFER_SIZE = 50;
 	private static final String DEFAULT_PLACEHOLDER = "●";
@@ -103,7 +103,7 @@ public class SecurePasswordField extends TextField {
 		if (e.getCode() == KeyCode.CAPS) {
 			updateCapsLocked();
 		} else if (SHORTCUT_BACKSPACE.match(e)) {
-			swipe();
+			wipe();
 		}
 	}
 
@@ -189,7 +189,7 @@ public class SecurePasswordField extends TextField {
 		if (length > content.length) {
 			char[] newContent = new char[length + GROW_BUFFER_SIZE];
 			System.arraycopy(content, 0, newContent, 0, content.length);
-			swipe(content);
+			wipe(content);
 			this.content = newContent;
 		}
 	}
@@ -201,7 +201,7 @@ public class SecurePasswordField extends TextField {
 	 * @implNote The CharSequence will not copy the backing char[].
 	 * Therefore any mutation to the SecurePasswordField's content will mutate or eventually swipe the returned CharSequence.
 	 * @implSpec The CharSequence is usually in <a href="https://www.unicode.org/glossary/#normalization_form_c">NFC</a> representation (unless NFD-encoded char[] is set via {@link #setPassword(char[])}).
-	 * @see #swipe()
+	 * @see #wipe()
 	 */
 	@Override
 	public CharSequence getCharacters() {
@@ -220,7 +220,7 @@ public class SecurePasswordField extends TextField {
 			buf[i] = password.charAt(i);
 		}
 		setPassword(buf);
-		Arrays.fill(buf, SWIPE_CHAR);
+		Arrays.fill(buf, WIPE_CHAR);
 	}
 
 	/**
@@ -231,7 +231,7 @@ public class SecurePasswordField extends TextField {
 	 * @param password
 	 */
 	public void setPassword(char[] password) {
-		swipe();
+		wipe();
 		content = Arrays.copyOf(password, password.length);
 		length = password.length;
 
@@ -242,14 +242,14 @@ public class SecurePasswordField extends TextField {
 	/**
 	 * Destroys the stored password by overriding each character with a different character.
 	 */
-	public void swipe() {
-		swipe(content);
+	public void wipe() {
+		wipe(content);
 		length = 0;
 		setText(null);
 	}
 
-	private void swipe(char[] buffer) {
-		Arrays.fill(buffer, SWIPE_CHAR);
+	private void wipe(char[] buffer) {
+		Arrays.fill(buffer, WIPE_CHAR);
 	}
 
 	/* Observable Properties */

main/ui/src/main/java/org/cryptomator/ui/forgetPassword/ForgetPasswordModule.java

@@ -17,6 +17,7 @@ import org.cryptomator.ui.common.FxController;
 import org.cryptomator.ui.common.FxControllerKey;
 import org.cryptomator.ui.common.FxmlFile;
 import org.cryptomator.ui.common.FxmlScene;
+import org.cryptomator.ui.common.StageFactory;
 
 import javax.inject.Named;
 import javax.inject.Provider;
@@ -37,13 +38,12 @@ abstract class ForgetPasswordModule {
 	@Provides
 	@ForgetPasswordWindow
 	@ForgetPasswordScoped
-	static Stage provideStage(ResourceBundle resourceBundle, @Named("windowIcons") List<Image> windowIcons, @Named("forgetPasswordOwner") Stage owner) {
-		Stage stage = new Stage();
+	static Stage provideStage(StageFactory factory, ResourceBundle resourceBundle, @Named("forgetPasswordOwner") Stage owner) {
+		Stage stage = factory.create();
 		stage.setTitle(resourceBundle.getString("forgetPassword.title"));
 		stage.setResizable(false);
 		stage.initModality(Modality.WINDOW_MODAL);
 		stage.initOwner(owner);
-		stage.getIcons().addAll(windowIcons);
 		return stage;
 	}
 

main/ui/src/main/java/org/cryptomator/ui/fxapp/FxApplication.java

@@ -27,6 +27,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import javax.inject.Inject;
+import javax.inject.Provider;
 import java.awt.desktop.QuitResponse;
 import java.util.Optional;
 
@@ -38,24 +39,24 @@ public class FxApplication extends Application {
 	private final Settings settings;
 	private final Lazy<MainWindowComponent> mainWindow;
 	private final Lazy<PreferencesComponent> preferencesWindow;
-	private final UnlockComponent.Builder unlockWindowBuilder;
-	private final QuitComponent.Builder quitWindowBuilder;
+	private final Provider<UnlockComponent.Builder> unlockWindowBuilderProvider;
+	private final Provider<QuitComponent.Builder> quitWindowBuilderProvider;
 	private final Optional<MacFunctions> macFunctions;
 	private final VaultService vaultService;
 	private final LicenseHolder licenseHolder;
-	private final ObservableSet<Stage> visibleStages = FXCollections.observableSet();
-	private final BooleanBinding hasVisibleStages = Bindings.isNotEmpty(visibleStages);
+	private final BooleanBinding hasVisibleStages;
 
 	@Inject
-	FxApplication(Settings settings, Lazy<MainWindowComponent> mainWindow, Lazy<PreferencesComponent> preferencesWindow, UnlockComponent.Builder unlockWindowBuilder, QuitComponent.Builder quitWindowBuilder, Optional<MacFunctions> macFunctions, VaultService vaultService, LicenseHolder licenseHolder) {
+	FxApplication(Settings settings, Lazy<MainWindowComponent> mainWindow, Lazy<PreferencesComponent> preferencesWindow, Provider<UnlockComponent.Builder> unlockWindowBuilderProvider, Provider<QuitComponent.Builder> quitWindowBuilderProvider, Optional<MacFunctions> macFunctions, VaultService vaultService, LicenseHolder licenseHolder, ObservableSet<Stage> visibleStages) {
 		this.settings = settings;
 		this.mainWindow = mainWindow;
 		this.preferencesWindow = preferencesWindow;
-		this.unlockWindowBuilder = unlockWindowBuilder;
-		this.quitWindowBuilder = quitWindowBuilder;
+		this.unlockWindowBuilderProvider = unlockWindowBuilderProvider;
+		this.quitWindowBuilderProvider = quitWindowBuilderProvider;
 		this.macFunctions = macFunctions;
 		this.vaultService = vaultService;
 		this.licenseHolder = licenseHolder;
+		this.hasVisibleStages = Bindings.isNotEmpty(visibleStages);
 	}
 
 	public void start() {
@@ -73,11 +74,6 @@ public class FxApplication extends Application {
 		throw new UnsupportedOperationException("Use start() instead.");
 	}
 
-	private void addVisibleStage(Stage stage) {
-		visibleStages.add(stage);
-		stage.setOnHidden(evt -> visibleStages.remove(stage));
-	}
-
 	private void hasVisibleStagesChanged(@SuppressWarnings("unused") ObservableValue<? extends Boolean> observableValue, @SuppressWarnings("unused") boolean oldValue, boolean newValue) {
 		if (newValue) {
 			macFunctions.map(MacFunctions::uiState).ifPresent(MacApplicationUiState::transformToForegroundApplication);
@@ -88,32 +84,28 @@ public class FxApplication extends Application {
 
 	public void showPreferencesWindow(SelectedPreferencesTab selectedTab) {
 		Platform.runLater(() -> {
-			Stage stage = preferencesWindow.get().showPreferencesWindow(selectedTab);
-			addVisibleStage(stage);
+			preferencesWindow.get().showPreferencesWindow(selectedTab);
 			LOG.debug("Showing Preferences");
 		});
 	}
 
 	public void showMainWindow() {
 		Platform.runLater(() -> {
-			Stage stage = mainWindow.get().showMainWindow();
-			addVisibleStage(stage);
+			mainWindow.get().showMainWindow();
 			LOG.debug("Showing MainWindow");
 		});
 	}
 
-	public void showUnlockWindow(Vault vault) {
+	public void startUnlockWorkflow(Vault vault) {
 		Platform.runLater(() -> {
-			Stage stage = unlockWindowBuilder.vault(vault).build().showUnlockWindow();
-			addVisibleStage(stage);
+			unlockWindowBuilderProvider.get().vault(vault).build().startUnlockWorkflow();
 			LOG.debug("Showing UnlockWindow for {}", vault.getDisplayableName());
 		});
 	}
 
 	public void showQuitWindow(QuitResponse response) {
 		Platform.runLater(() -> {
-			Stage stage = quitWindowBuilder.quitResponse(response).build().showQuitWindow();
-			addVisibleStage(stage);
+			quitWindowBuilderProvider.get().quitResponse(response).build().showQuitWindow();
 			LOG.debug("Showing QuitWindow");
 		});
 	}

main/ui/src/main/java/org/cryptomator/ui/fxapp/FxApplicationModule.java

@@ -11,10 +11,14 @@ import dagger.Provides;
 import javafx.application.Application;
 import javafx.beans.property.ObjectProperty;
 import javafx.beans.property.SimpleObjectProperty;
+import javafx.collections.FXCollections;
+import javafx.collections.ObservableSet;
 import javafx.scene.image.Image;
+import javafx.stage.Stage;
 import org.apache.commons.lang3.SystemUtils;
 import org.cryptomator.common.vaults.Vault;
 import org.cryptomator.ui.common.ErrorComponent;
+import org.cryptomator.ui.common.StageFactory;
 import org.cryptomator.ui.mainwindow.MainWindowComponent;
 import org.cryptomator.ui.preferences.PreferencesComponent;
 import org.cryptomator.ui.quit.QuitComponent;
@@ -36,6 +40,12 @@ abstract class FxApplicationModule {
 		return new SimpleObjectProperty<>();
 	}
 
+	@Provides
+	@FxApplicationScoped
+	static ObservableSet<Stage> provideVisibleStages() {
+		return FXCollections.observableSet();
+	}
+
 	@Provides
 	@Named("windowIcons")
 	@FxApplicationScoped
@@ -43,7 +53,6 @@ abstract class FxApplicationModule {
 		if (SystemUtils.IS_OS_MAC) {
 			return Collections.emptyList();
 		}
-
 		try {
 			return List.of( //
 					createImageFromResource("/window_icon_32.png"), //
@@ -53,6 +62,21 @@ abstract class FxApplicationModule {
 			throw new UncheckedIOException("Failed to load embedded resource.", e);
 		}
 	}
+	
+	@Provides
+	@FxApplicationScoped
+	static StageFactory provideStageFactory(@Named("windowIcons") List<Image> windowIcons, ObservableSet<Stage> visibleStages) {
+		return new StageFactory(stage -> {
+			stage.getIcons().addAll(windowIcons);
+			stage.showingProperty().addListener((observableValue, wasShowing, isShowing) -> {
+				if (isShowing) {
+					visibleStages.add(stage);
+				} else {
+					visibleStages.remove(stage);
+				}
+			});
+		});
+	}
 
 	private static Image createImageFromResource(String resourceName) throws IOException {
 		try (InputStream in = FxApplicationModule.class.getResourceAsStream(resourceName)) {

main/ui/src/main/java/org/cryptomator/ui/launcher/UiLauncher.java

@@ -64,7 +64,11 @@ public class UiLauncher {
 		// auto unlock
 		Collection<Vault> vaultsWithAutoUnlockEnabled = vaults.filtered(v -> v.getVaultSettings().unlockAfterStartup().get());
 		if (!vaultsWithAutoUnlockEnabled.isEmpty()) {
-			fxApplicationStarter.get(hasTrayIcon).thenAccept(app -> app.getVaultService().attemptAutoUnlock(vaultsWithAutoUnlockEnabled));
+			fxApplicationStarter.get(hasTrayIcon).thenAccept(app -> {
+				for (Vault vault : vaultsWithAutoUnlockEnabled){
+					app.startUnlockWorkflow(vault);
+				}
+			});
 		}
 
 		launchEventHandler.startHandlingLaunchEvents(hasTrayIcon);

main/ui/src/main/java/org/cryptomator/ui/mainwindow/MainWindowModule.java

@@ -14,6 +14,7 @@ import org.cryptomator.ui.common.FxController;
 import org.cryptomator.ui.common.FxControllerKey;
 import org.cryptomator.ui.common.FxmlFile;
 import org.cryptomator.ui.common.FxmlScene;
+import org.cryptomator.ui.common.StageFactory;
 import org.cryptomator.ui.migration.MigrationComponent;
 import org.cryptomator.ui.removevault.RemoveVaultComponent;
 import org.cryptomator.ui.vaultoptions.VaultOptionsComponent;
@@ -38,15 +39,14 @@ abstract class MainWindowModule {
 	@Provides
 	@MainWindow
 	@MainWindowScoped
-	static Stage provideStage(@Named("windowIcons") List<Image> windowIcons) {
-		Stage stage = new Stage(StageStyle.UNDECORATED);
+	static Stage provideStage(StageFactory factory) {
+		Stage stage = factory.create(StageStyle.UNDECORATED);
 		// TODO: min/max values chosen arbitrarily. We might wanna take a look at the user's resolution...
 		stage.setMinWidth(650);
 		stage.setMinHeight(440);
 		stage.setMaxWidth(1000);
 		stage.setMaxHeight(700);
 		stage.setTitle("Cryptomator");
-		stage.getIcons().addAll(windowIcons);
 		return stage;
 	}
 

main/ui/src/main/java/org/cryptomator/ui/mainwindow/VaultDetailLockedController.java

@@ -26,7 +26,7 @@ public class VaultDetailLockedController implements FxController {
 
 	@FXML
 	public void unlock() {
-		application.showUnlockWindow(vault.get());
+		application.startUnlockWorkflow(vault.get());
 	}
 
 	@FXML

main/ui/src/main/java/org/cryptomator/ui/migration/MigrationModule.java

@@ -17,6 +17,7 @@ import org.cryptomator.ui.common.FxController;
 import org.cryptomator.ui.common.FxControllerKey;
 import org.cryptomator.ui.common.FxmlFile;
 import org.cryptomator.ui.common.FxmlScene;
+import org.cryptomator.ui.common.StageFactory;
 import org.cryptomator.ui.mainwindow.MainWindow;
 
 import javax.inject.Named;
@@ -38,13 +39,12 @@ abstract class MigrationModule {
 	@Provides
 	@MigrationWindow
 	@MigrationScoped
-	static Stage provideStage(@MainWindow Stage owner, ResourceBundle resourceBundle, @Named("windowIcons") List<Image> windowIcons) {
-		Stage stage = new Stage();
+	static Stage provideStage(StageFactory factory, @MainWindow Stage owner, ResourceBundle resourceBundle) {
+		Stage stage = factory.create();
 		stage.setTitle(resourceBundle.getString("migration.title"));
 		stage.setResizable(false);
 		stage.initModality(Modality.WINDOW_MODAL);
 		stage.initOwner(owner);
-		stage.getIcons().addAll(windowIcons);
 		return stage;
 	}
 	

main/ui/src/main/java/org/cryptomator/ui/migration/MigrationRunController.java

@@ -121,7 +121,7 @@ public class MigrationRunController implements FxController {
 			} else {
 				LOG.info("Migration of '{}' succeeded.", vault.getDisplayableName());
 				vault.setState(VaultState.LOCKED);
-				passwordField.swipe();
+				passwordField.wipe();
 				window.setScene(successScene.get());
 			}
 		}).onError(InvalidPassphraseException.class, e -> {

main/ui/src/main/java/org/cryptomator/ui/migration/MigrationSuccessController.java

@@ -1,8 +1,5 @@
 package org.cryptomator.ui.migration;
 
-import javafx.beans.property.ObjectProperty;
-import javafx.beans.property.ReadOnlyObjectProperty;
-import javafx.event.ActionEvent;
 import javafx.fxml.FXML;
 import javafx.stage.Stage;
 import org.cryptomator.common.vaults.Vault;
@@ -28,7 +25,7 @@ public class MigrationSuccessController implements FxController {
 	@FXML
 	public void unlockAndClose() {
 		close();
-		fxApplication.showUnlockWindow(vault);
+		fxApplication.startUnlockWorkflow(vault);
 	}
 
 	@FXML

main/ui/src/main/java/org/cryptomator/ui/preferences/PreferencesModule.java

@@ -15,6 +15,7 @@ import org.cryptomator.ui.common.FxController;
 import org.cryptomator.ui.common.FxControllerKey;
 import org.cryptomator.ui.common.FxmlFile;
 import org.cryptomator.ui.common.FxmlScene;
+import org.cryptomator.ui.common.StageFactory;
 
 import javax.inject.Named;
 import javax.inject.Provider;
@@ -41,11 +42,10 @@ abstract class PreferencesModule {
 	@Provides
 	@PreferencesWindow
 	@PreferencesScoped
-	static Stage provideStage(ResourceBundle resourceBundle, @Named("windowIcons") List<Image> windowIcons) {
-		Stage stage = new Stage();
+	static Stage provideStage(StageFactory factory, ResourceBundle resourceBundle) {
+		Stage stage = factory.create();
 		stage.setTitle(resourceBundle.getString("preferences.title"));
 		stage.setResizable(false);
-		stage.getIcons().addAll(windowIcons);
 		return stage;
 	}
 

main/ui/src/main/java/org/cryptomator/ui/quit/QuitModule.java

@@ -17,6 +17,7 @@ import org.cryptomator.ui.common.FxController;
 import org.cryptomator.ui.common.FxControllerKey;
 import org.cryptomator.ui.common.FxmlFile;
 import org.cryptomator.ui.common.FxmlScene;
+import org.cryptomator.ui.common.StageFactory;
 
 import javax.inject.Named;
 import javax.inject.Provider;
@@ -37,12 +38,11 @@ abstract class QuitModule {
 	@Provides
 	@QuitWindow
 	@QuitScoped
-	static Stage provideStage(@Named("windowIcons") List<Image> windowIcons) {
-		Stage stage = new Stage();
+	static Stage provideStage(StageFactory factory) {
+		Stage stage = factory.create();
 		stage.setMinWidth(300);
 		stage.setMinHeight(100);
 		stage.initModality(Modality.APPLICATION_MODAL);
-		stage.getIcons().addAll(windowIcons);
 		return stage;
 	}
 

main/ui/src/main/java/org/cryptomator/ui/recoverykey/RecoveryKeyModule.java

@@ -21,6 +21,7 @@ import org.cryptomator.ui.common.FxmlFile;
 import org.cryptomator.ui.common.FxmlScene;
 import org.cryptomator.ui.common.NewPasswordController;
 import org.cryptomator.ui.common.PasswordStrengthUtil;
+import org.cryptomator.ui.common.StageFactory;
 
 import javax.inject.Named;
 import javax.inject.Provider;
@@ -41,13 +42,12 @@ abstract class RecoveryKeyModule {
 	@Provides
 	@RecoveryKeyWindow
 	@RecoveryKeyScoped
-	static Stage provideStage(ResourceBundle resourceBundle, @Named("windowIcons") List<Image> windowIcons, @Named("keyRecoveryOwner") Stage owner) {
-		Stage stage = new Stage();
+	static Stage provideStage(StageFactory factory, ResourceBundle resourceBundle, @Named("keyRecoveryOwner") Stage owner) {
+		Stage stage = factory.create();
 		stage.setTitle(resourceBundle.getString("recoveryKey.title"));
 		stage.setResizable(false);
 		stage.initModality(Modality.WINDOW_MODAL);
 		stage.initOwner(owner);
-		stage.getIcons().addAll(windowIcons);
 		return stage;
 	}
 	

main/ui/src/main/java/org/cryptomator/ui/removevault/RemoveVaultModule.java

@@ -17,6 +17,7 @@ import org.cryptomator.ui.common.FxController;
 import org.cryptomator.ui.common.FxControllerKey;
 import org.cryptomator.ui.common.FxmlFile;
 import org.cryptomator.ui.common.FxmlScene;
+import org.cryptomator.ui.common.StageFactory;
 import org.cryptomator.ui.mainwindow.MainWindow;
 
 import javax.inject.Named;
@@ -38,13 +39,12 @@ abstract class RemoveVaultModule {
 	@Provides
 	@RemoveVaultWindow
 	@RemoveVaultScoped
-	static Stage provideStage(@MainWindow Stage owner,  ResourceBundle resourceBundle, @Named("windowIcons") List<Image> windowIcons) {
-		Stage stage = new Stage();
+	static Stage provideStage(StageFactory factory, @MainWindow Stage owner, ResourceBundle resourceBundle) {
+		Stage stage = factory.create();
 		stage.setTitle(resourceBundle.getString("removeVault.title"));
 		stage.setResizable(false);
 		stage.initModality(Modality.WINDOW_MODAL);
 		stage.initOwner(owner);
-		stage.getIcons().addAll(windowIcons);
 		return stage;
 	}
 

main/ui/src/main/java/org/cryptomator/ui/traymenu/TrayMenuController.java

@@ -103,7 +103,7 @@ class TrayMenuController {
 	}
 
 	private void unlockVault(Vault vault) {
-		fxApplicationStarter.get(true).thenAccept(app -> app.showUnlockWindow(vault));
+		fxApplicationStarter.get(true).thenAccept(app -> app.startUnlockWorkflow(vault));
 	}
 
 	private void lockVault(Vault vault) {

main/ui/src/main/java/org/cryptomator/ui/unlock/UnlockComponent.java

@@ -14,21 +14,23 @@ import org.cryptomator.ui.common.FxmlFile;
 import org.cryptomator.ui.common.FxmlScene;
 import org.cryptomator.common.vaults.Vault;
 
+import java.util.concurrent.Executor;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Future;
+import java.util.concurrent.FutureTask;
+
 @UnlockScoped
 @Subcomponent(modules = {UnlockModule.class})
 public interface UnlockComponent {
 
-	@UnlockWindow
-	Stage window();
+	ExecutorService defaultExecutorService();
 
-	@FxmlScene(FxmlFile.UNLOCK)
-	Lazy<Scene> scene();
-
-	default Stage showUnlockWindow() {
-		Stage stage = window();
-		stage.setScene(scene().get());
-		stage.show();
-		return stage;
+	UnlockWorkflow unlockWorkflow();
+	
+	default Future<Boolean> startUnlockWorkflow() {
+		UnlockWorkflow workflow = unlockWorkflow();
+		defaultExecutorService().submit(workflow);
+		return workflow;
 	}
 
 	@Subcomponent.Builder

main/ui/src/main/java/org/cryptomator/ui/unlock/UnlockController.java

@@ -1,39 +1,30 @@
 package org.cryptomator.ui.unlock;
 
-import dagger.Lazy;
 import javafx.beans.binding.Bindings;
+import javafx.beans.binding.BooleanBinding;
 import javafx.beans.binding.ObjectBinding;
 import javafx.beans.property.BooleanProperty;
 import javafx.beans.property.ReadOnlyBooleanProperty;
 import javafx.beans.property.SimpleBooleanProperty;
-import javafx.concurrent.Task;
 import javafx.fxml.FXML;
-import javafx.scene.Scene;
 import javafx.scene.control.CheckBox;
 import javafx.scene.control.ContentDisplay;
 import javafx.stage.Stage;
 import org.cryptomator.common.vaults.Vault;
-import org.cryptomator.common.vaults.VaultState;
-import org.cryptomator.cryptolib.api.InvalidPassphraseException;
 import org.cryptomator.keychain.KeychainAccess;
-import org.cryptomator.keychain.KeychainAccessException;
-import org.cryptomator.ui.common.Animations;
-import org.cryptomator.ui.common.ErrorComponent;
 import org.cryptomator.ui.common.FxController;
-import org.cryptomator.ui.common.FxmlFile;
-import org.cryptomator.ui.common.FxmlScene;
-import org.cryptomator.ui.common.VaultService;
+import org.cryptomator.ui.common.UserInteractionLock;
 import org.cryptomator.ui.controls.NiceSecurePasswordField;
 import org.cryptomator.ui.forgetPassword.ForgetPasswordComponent;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import javax.inject.Inject;
-import java.nio.file.DirectoryNotEmptyException;
-import java.nio.file.NotDirectoryException;
+import javax.inject.Named;
 import java.util.Arrays;
 import java.util.Optional;
-import java.util.concurrent.ExecutorService;
+import java.util.concurrent.atomic.AtomicBoolean;
+import java.util.concurrent.atomic.AtomicReference;
 
 @UnlockScoped
 public class UnlockController implements FxController {
@@ -42,124 +33,70 @@ public class UnlockController implements FxController {
 
 	private final Stage window;
 	private final Vault vault;
-	private final ExecutorService executor;
-	private final ObjectBinding<ContentDisplay> unlockButtonState;
-	private final Optional<KeychainAccess> keychainAccess;
-	private final VaultService vaultService;
-	private final Lazy<Scene> successScene;
-	private final Lazy<Scene> invalidMountPointScene;
-	private final ErrorComponent.Builder errorComponent;
+	private final AtomicReference<char[]> password;
+	private final AtomicBoolean savePassword;
+	private final Optional<char[]> savedPassword;
+	private final UserInteractionLock<UnlockModule.PasswordEntry> passwordEntryLock;
 	private final ForgetPasswordComponent.Builder forgetPassword;
+	private final Optional<KeychainAccess> keychainAccess;
+	private final ObjectBinding<ContentDisplay> unlockButtonContentDisplay;
+	private final BooleanBinding userInteractionDisabled;
 	private final BooleanProperty unlockButtonDisabled;
 	public NiceSecurePasswordField passwordField;
-	public CheckBox savePassword;
+	public CheckBox savePasswordCheckbox;
 
 	@Inject
-	public UnlockController(@UnlockWindow Stage window, @UnlockWindow Vault vault, ExecutorService executor, Optional<KeychainAccess> keychainAccess, VaultService vaultService, @FxmlScene(FxmlFile.UNLOCK_SUCCESS) Lazy<Scene> successScene, @FxmlScene(FxmlFile.UNLOCK_INVALID_MOUNT_POINT) Lazy<Scene> invalidMountPointScene, ErrorComponent.Builder errorComponent, ForgetPasswordComponent.Builder forgetPassword) {
+	public UnlockController(@UnlockWindow Stage window, @UnlockWindow Vault vault, AtomicReference<char[]> password, @Named("savePassword") AtomicBoolean savePassword, @Named("savedPassword") Optional<char[]> savedPassword, UserInteractionLock<UnlockModule.PasswordEntry> passwordEntryLock, ForgetPasswordComponent.Builder forgetPassword, Optional<KeychainAccess> keychainAccess) {
 		this.window = window;
 		this.vault = vault;
-		this.executor = executor;
-		this.unlockButtonState = Bindings.createObjectBinding(this::getUnlockButtonState, vault.stateProperty());
-		this.keychainAccess = keychainAccess;
-		this.vaultService = vaultService;
-		this.successScene = successScene;
-		this.invalidMountPointScene = invalidMountPointScene;
-		this.errorComponent = errorComponent;
+		this.password = password;
+		this.savePassword = savePassword;
+		this.savedPassword = savedPassword;
+		this.passwordEntryLock = passwordEntryLock;
 		this.forgetPassword = forgetPassword;
+		this.keychainAccess = keychainAccess;
+		this.unlockButtonContentDisplay = Bindings.createObjectBinding(this::getUnlockButtonContentDisplay, passwordEntryLock.awaitingInteraction());
+		this.userInteractionDisabled = passwordEntryLock.awaitingInteraction().not();
 		this.unlockButtonDisabled = new SimpleBooleanProperty();
 	}
 
 	public void initialize() {
-		if (keychainAccess.isPresent()) {
-			loadStoredPassword();
-		} else {
-			savePassword.setSelected(false);
+		savePasswordCheckbox.setSelected(savedPassword.isPresent());
+		if (password.get() != null) {
+			passwordField.setPassword(password.get());
 		}
-		unlockButtonDisabled.bind(vault.stateProperty().isNotEqualTo(VaultState.LOCKED).or(passwordField.textProperty().isEmpty()));
+		unlockButtonDisabled.bind(userInteractionDisabled.or(passwordField.textProperty().isEmpty()));
 	}
 
 	@FXML
 	public void cancel() {
 		LOG.debug("Unlock canceled by user.");
 		window.close();
+		passwordEntryLock.interacted(UnlockModule.PasswordEntry.CANCELED);
 	}
 
 	@FXML
 	public void unlock() {
 		LOG.trace("UnlockController.unlock()");
-		CharSequence password = passwordField.getCharacters();
-
-		Task<Vault> task = vaultService.createUnlockTask(vault, password);
-		passwordField.setDisable(true);
-		task.setOnSucceeded(event -> {
-			passwordField.setDisable(false);
-			if (keychainAccess.isPresent() && savePassword.isSelected()) {
-				try {
-					keychainAccess.get().storePassphrase(vault.getId(), password);
-				} catch (KeychainAccessException e) {
-					LOG.error("Failed to store passphrase in system keychain.", e);
-				}
-			}
-			passwordField.swipe();
-			LOG.info("Unlock of '{}' succeeded.", vault.getDisplayableName());
-			window.setScene(successScene.get());
-		});
-		task.setOnFailed(event -> {
-			passwordField.setDisable(false);
-			if (task.getException() instanceof InvalidPassphraseException) {
-				Animations.createShakeWindowAnimation(window).play();
-				passwordField.selectAll();
-				passwordField.requestFocus();
-			} else if (task.getException() instanceof NotDirectoryException || task.getException() instanceof DirectoryNotEmptyException) {
-				LOG.error("Unlock failed. Mount point not an empty directory: {}", task.getException().getMessage());
-				window.setScene(invalidMountPointScene.get());
-			} else {
-				LOG.error("Unlock failed for technical reasons.", task.getException());
-				errorComponent.cause(task.getException()).window(window).returnToScene(window.getScene()).build().showErrorScene();
-			}
-		});
-		executor.execute(task);
+		CharSequence pwFieldContents = passwordField.getCharacters();
+		char[] newPw = new char[pwFieldContents.length()];
+		for (int i = 0; i < pwFieldContents.length(); i++) {
+			newPw[i] = pwFieldContents.charAt(i);
+		}
+		char[] oldPw = password.getAndSet(newPw);
+		if (oldPw != null) {
+			Arrays.fill(oldPw, ' ');
+		}
+		passwordEntryLock.interacted(UnlockModule.PasswordEntry.PASSWORD_ENTERED);
 	}
 
 	/* Save Password */
 
 	@FXML
 	private void didClickSavePasswordCheckbox() {
-		if (!savePassword.isSelected() && hasStoredPassword()) {
-			forgetPassword.vault(vault).owner(window).build().showForgetPassword().thenAccept(forgotten -> savePassword.setSelected(!forgotten));
-		}
-	}
-
-	private void loadStoredPassword() {
-		assert keychainAccess.isPresent();
-		char[] storedPw = null;
-		try {
-			storedPw = keychainAccess.get().loadPassphrase(vault.getId());
-			if (storedPw != null) {
-				savePassword.setSelected(true);
-				passwordField.setPassword(storedPw);
-				passwordField.selectRange(storedPw.length, storedPw.length);
-			}
-		} catch (KeychainAccessException e) {
-			LOG.error("Failed to load entry from system keychain.", e);
-		} finally {
-			if (storedPw != null) {
-				Arrays.fill(storedPw, ' ');
-			}
-		}
-	}
-
-	private boolean hasStoredPassword() {
-		char[] storedPw = null;
-		try {
-			storedPw = keychainAccess.get().loadPassphrase(vault.getId());
-			return storedPw != null;
-		} catch (KeychainAccessException e) {
-			return false;
-		} finally {
-			if (storedPw != null) {
-				Arrays.fill(storedPw, ' ');
-			}
+		savePassword.set(savePasswordCheckbox.isSelected());
+		if (!savePasswordCheckbox.isSelected() && savedPassword.isPresent()) {
+			forgetPassword.vault(vault).owner(window).build().showForgetPassword().thenAccept(forgotten -> savePasswordCheckbox.setSelected(!forgotten));
 		}
 	}
 
@@ -169,15 +106,20 @@ public class UnlockController implements FxController {
 		return vault;
 	}
 
-	public ObjectBinding<ContentDisplay> unlockButtonStateProperty() {
-		return unlockButtonState;
+	public ObjectBinding<ContentDisplay> unlockButtonContentDisplayProperty() {
+		return unlockButtonContentDisplay;
 	}
 
-	public ContentDisplay getUnlockButtonState() {
-		return switch (vault.getState()) {
-			case PROCESSING -> ContentDisplay.LEFT;
-			default -> ContentDisplay.TEXT_ONLY;
-		};
+	public ContentDisplay getUnlockButtonContentDisplay() {
+		return passwordEntryLock.awaitingInteraction().get() ? ContentDisplay.TEXT_ONLY : ContentDisplay.LEFT;
+	}
+
+	public BooleanBinding userInteractionDisabledProperty() {
+		return userInteractionDisabled;
+	}
+
+	public boolean isUserInteractionDisabled() {
+		return userInteractionDisabled.get();
 	}
 
 	public ReadOnlyBooleanProperty unlockButtonDisabledProperty() {

main/ui/src/main/java/org/cryptomator/ui/unlock/UnlockInvalidMountPointController.java

@@ -33,7 +33,7 @@ public class UnlockInvalidMountPointController implements FxController {
 	/* Getter/Setter */
 
 	public String getMountPoint() {
-		return vault.getVaultSettings().getIndividualMountPath().orElse("AUTO");
+		return vault.getVaultSettings().getCustomMountPath().orElse("AUTO");
 	}
 
 }

main/ui/src/main/java/org/cryptomator/ui/unlock/UnlockModule.java

@@ -9,23 +9,73 @@ import javafx.scene.image.Image;
 import javafx.stage.Modality;
 import javafx.stage.Stage;
 import org.cryptomator.common.vaults.Vault;
+import org.cryptomator.keychain.KeychainAccess;
+import org.cryptomator.keychain.KeychainAccessException;
 import org.cryptomator.ui.common.DefaultSceneFactory;
 import org.cryptomator.ui.common.FXMLLoaderFactory;
 import org.cryptomator.ui.common.FxController;
 import org.cryptomator.ui.common.FxControllerKey;
 import org.cryptomator.ui.common.FxmlFile;
 import org.cryptomator.ui.common.FxmlScene;
+import org.cryptomator.ui.common.StageFactory;
+import org.cryptomator.ui.common.UserInteractionLock;
 import org.cryptomator.ui.forgetPassword.ForgetPasswordComponent;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import javax.inject.Named;
 import javax.inject.Provider;
+import java.nio.CharBuffer;
 import java.util.List;
 import java.util.Map;
+import java.util.Optional;
 import java.util.ResourceBundle;
+import java.util.concurrent.atomic.AtomicBoolean;
+import java.util.concurrent.atomic.AtomicReference;
+import java.util.concurrent.locks.Condition;
+import java.util.concurrent.locks.Lock;
+import java.util.concurrent.locks.ReentrantLock;
 
 @Module(subcomponents = {ForgetPasswordComponent.class})
 abstract class UnlockModule {
 
+	private static final Logger LOG = LoggerFactory.getLogger(UnlockModule.class);
+
+	public enum PasswordEntry {PASSWORD_ENTERED, CANCELED}
+
+	@Provides
+	@UnlockScoped
+	static UserInteractionLock<PasswordEntry> providePasswordEntryLock() {
+		return new UserInteractionLock<>(null);
+	}
+
+	@Provides
+	@Named("savedPassword")
+	@UnlockScoped
+	static Optional<char[]> provideStoredPassword(Optional<KeychainAccess> keychainAccess, @UnlockWindow Vault vault) {
+		return keychainAccess.map(k -> {
+			try {
+				return k.loadPassphrase(vault.getId());
+			} catch (KeychainAccessException e) {
+				LOG.error("Failed to load entry from system keychain.", e);
+				return null;
+			}
+		});
+	}
+	
+	@Provides
+	@UnlockScoped
+	static AtomicReference<char[]> providePassword(@Named("savedPassword") Optional<char[]> storedPassword) {
+		return new AtomicReference(storedPassword.orElse(null));
+	}
+
+	@Provides
+	@Named("savePassword")
+	@UnlockScoped
+	static AtomicBoolean provideSavePasswordFlag(@Named("savedPassword") Optional<char[]> storedPassword) {
+		return new AtomicBoolean(storedPassword.isPresent());
+	}
+
 	@Provides
 	@UnlockWindow
 	@UnlockScoped
@@ -36,12 +86,11 @@ abstract class UnlockModule {
 	@Provides
 	@UnlockWindow
 	@UnlockScoped
-	static Stage provideStage(@UnlockWindow Vault vault, @Named("windowIcons") List<Image> windowIcons) {
-		Stage stage = new Stage();
+	static Stage provideStage(StageFactory factory, @UnlockWindow Vault vault) {
+		Stage stage = factory.create();
 		stage.setTitle(vault.getDisplayableName());
 		stage.setResizable(false);
 		stage.initModality(Modality.APPLICATION_MODAL);
-		stage.getIcons().addAll(windowIcons);
 		return stage;
 	}
 

main/ui/src/main/java/org/cryptomator/ui/unlock/UnlockSuccessController.java

@@ -7,8 +7,10 @@ import javafx.beans.property.SimpleBooleanProperty;
 import javafx.beans.property.SimpleObjectProperty;
 import javafx.concurrent.Task;
 import javafx.fxml.FXML;
+import javafx.scene.control.CheckBox;
 import javafx.scene.control.ContentDisplay;
 import javafx.stage.Stage;
+import org.cryptomator.common.settings.WhenUnlocked;
 import org.cryptomator.common.vaults.Vault;
 import org.cryptomator.ui.common.FxController;
 import org.cryptomator.ui.common.VaultService;
@@ -29,6 +31,8 @@ public class UnlockSuccessController implements FxController {
 	private final VaultService vaultService;
 	private final ObjectProperty<ContentDisplay> revealButtonState;
 	private final BooleanProperty revealButtonDisabled;
+	
+	public CheckBox rememberChoiceCheckbox;
 
 	@Inject
 	public UnlockSuccessController(@UnlockWindow Stage window, @UnlockWindow Vault vault, ExecutorService executor, VaultService vaultService) {
@@ -44,6 +48,9 @@ public class UnlockSuccessController implements FxController {
 	public void close() {
 		LOG.trace("UnlockSuccessController.close()");
 		window.close();
+		if (rememberChoiceCheckbox.isSelected()) {
+			vault.getVaultSettings().actionAfterUnlock().setValue(WhenUnlocked.IGNORE);
+		}
 	}
 
 	@FXML
@@ -64,6 +71,9 @@ public class UnlockSuccessController implements FxController {
 			revealButtonDisabled.set(false);
 		});
 		executor.execute(revealTask);
+		if (rememberChoiceCheckbox.isSelected()) {
+			vault.getVaultSettings().actionAfterUnlock().setValue(WhenUnlocked.REVEAL);
+		}
 	}
 
 	/* Getter/Setter */

main/ui/src/main/java/org/cryptomator/ui/unlock/UnlockWorkflow.java

@@ -0,0 +1,187 @@
+package org.cryptomator.ui.unlock;
+
+import dagger.Lazy;
+import javafx.application.Platform;
+import javafx.concurrent.Task;
+import javafx.scene.Scene;
+import javafx.stage.Stage;
+import org.cryptomator.common.vaults.Vault;
+import org.cryptomator.common.vaults.VaultState;
+import org.cryptomator.common.vaults.Volume;
+import org.cryptomator.cryptolib.api.CryptoException;
+import org.cryptomator.cryptolib.api.InvalidPassphraseException;
+import org.cryptomator.keychain.KeychainAccess;
+import org.cryptomator.keychain.KeychainAccessException;
+import org.cryptomator.ui.common.Animations;
+import org.cryptomator.ui.common.ErrorComponent;
+import org.cryptomator.ui.common.FxmlFile;
+import org.cryptomator.ui.common.FxmlScene;
+import org.cryptomator.ui.common.UserInteractionLock;
+import org.cryptomator.ui.common.VaultService;
+import org.cryptomator.ui.unlock.UnlockModule.PasswordEntry;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.inject.Inject;
+import javax.inject.Named;
+import java.io.IOException;
+import java.nio.CharBuffer;
+import java.nio.file.DirectoryNotEmptyException;
+import java.nio.file.FileSystemException;
+import java.nio.file.NotDirectoryException;
+import java.util.Arrays;
+import java.util.Optional;
+import java.util.concurrent.atomic.AtomicBoolean;
+import java.util.concurrent.atomic.AtomicReference;
+
+/**
+ * A multi-step task that consists of background activities as well as user interaction.
+ * <p>
+ * This class runs the unlock process and controls when to display which UI.
+ */
+@UnlockScoped
+public class UnlockWorkflow extends Task<Boolean> {
+
+	private static final Logger LOG = LoggerFactory.getLogger(UnlockWorkflow.class);
+
+	private final Stage window;
+	private final Vault vault;
+	private final VaultService vaultService;
+	private final AtomicReference<char[]> password;
+	private final AtomicBoolean savePassword;
+	private final Optional<char[]> savedPassword;
+	private final UserInteractionLock<PasswordEntry> passwordEntryLock;
+	private final Optional<KeychainAccess> keychain;
+	private final Lazy<Scene> unlockScene;
+	private final Lazy<Scene> successScene;
+	private final Lazy<Scene> invalidMountPointScene;
+	private final ErrorComponent.Builder errorComponent;
+
+	@Inject
+	UnlockWorkflow(@UnlockWindow Stage window, @UnlockWindow Vault vault, VaultService vaultService, AtomicReference<char[]> password, @Named("savePassword") AtomicBoolean savePassword, @Named("savedPassword") Optional<char[]> savedPassword, UserInteractionLock<PasswordEntry> passwordEntryLock, Optional<KeychainAccess> keychain, @FxmlScene(FxmlFile.UNLOCK) Lazy<Scene> unlockScene, @FxmlScene(FxmlFile.UNLOCK_SUCCESS) Lazy<Scene> successScene, @FxmlScene(FxmlFile.UNLOCK_INVALID_MOUNT_POINT) Lazy<Scene> invalidMountPointScene, ErrorComponent.Builder errorComponent) {
+		this.window = window;
+		this.vault = vault;
+		this.vaultService = vaultService;
+		this.password = password;
+		this.savePassword = savePassword;
+		this.savedPassword = savedPassword;
+		this.passwordEntryLock = passwordEntryLock;
+		this.keychain = keychain;
+		this.unlockScene = unlockScene;
+		this.successScene = successScene;
+		this.invalidMountPointScene = invalidMountPointScene;
+		this.errorComponent = errorComponent;
+	}
+
+	@Override
+	protected Boolean call() throws InterruptedException, IOException, Volume.VolumeException {
+		try {
+			if (attemptUnlock()) {
+				handleSuccess();
+				return true;
+			} else {
+				cancel(false); // set Tasks state to cancelled
+				return false;
+			}
+		} catch (NotDirectoryException | DirectoryNotEmptyException e) {
+			handleInvalidMountPoint(e);
+			throw e; // rethrow to trigger correct exception handling in Task
+		} catch (CryptoException | Volume.VolumeException | IOException e) {
+			handleGenericError(e);
+			throw e; // rethrow to trigger correct exception handling in Task
+		} finally {
+			wipePassword(password.get());
+			wipePassword(savedPassword.orElse(null));
+		}
+	}
+	
+	private boolean attemptUnlock() throws InterruptedException, IOException, Volume.VolumeException {
+		boolean proceed = password.get() != null || askForPassword(false) == PasswordEntry.PASSWORD_ENTERED;
+		while (proceed) {
+			try {
+				vault.unlock(CharBuffer.wrap(password.get()));
+				return true;
+			} catch (InvalidPassphraseException e) {
+				proceed = askForPassword(true) == PasswordEntry.PASSWORD_ENTERED;
+			}
+		}
+		return false;
+	}
+
+	private PasswordEntry askForPassword(boolean animateShake) throws InterruptedException {
+		Platform.runLater(() -> {
+			window.setScene(unlockScene.get());
+			window.show();
+			if (animateShake) {
+				Animations.createShakeWindowAnimation(window).play();
+			}
+		});
+		return passwordEntryLock.awaitInteraction();
+	}
+
+	private void handleSuccess() {
+		LOG.info("Unlock of '{}' succeeded.", vault.getDisplayableName());
+		if (savePassword.get()) {
+			savePasswordToSystemkeychain();
+		}
+		switch (vault.getVaultSettings().actionAfterUnlock().get()) {
+			case ASK -> Platform.runLater(() -> {
+				window.setScene(successScene.get());
+				window.show();
+			});
+			case REVEAL -> vaultService.reveal(vault);
+			case IGNORE -> {}
+		}
+	}
+
+	private void savePasswordToSystemkeychain() {
+		if (keychain.isPresent()) {
+			try {
+				keychain.get().storePassphrase(vault.getId(), CharBuffer.wrap(password.get()));
+			} catch (KeychainAccessException e) {
+				LOG.error("Failed to store passphrase in system keychain.", e);
+			}
+		}
+	}
+
+	private void handleInvalidMountPoint(FileSystemException e) {
+		LOG.error("Unlock failed. Mount point not an empty directory: {}", e.getMessage());
+		Platform.runLater(() -> {
+			window.setScene(invalidMountPointScene.get());
+		});
+	}
+
+	private void handleGenericError(Exception e) {
+		LOG.error("Unlock failed for technical reasons.", e);
+		Platform.runLater(() -> {
+			errorComponent.cause(e).window(window).returnToScene(window.getScene()).build().showErrorScene();
+		});
+	}
+
+	private void wipePassword(char[] pw) {
+		if (pw != null) {
+			Arrays.fill(pw, ' ');
+		}
+	}
+
+	@Override
+	protected void scheduled() {
+		vault.setState(VaultState.PROCESSING);
+	}
+
+	@Override
+	protected void succeeded() {
+		vault.setState(VaultState.UNLOCKED);
+	}
+
+	@Override
+	protected void failed() {
+		vault.setState(VaultState.LOCKED);
+	}
+
+	@Override
+	protected void cancelled() {
+		vault.setState(VaultState.LOCKED);
+	}
+
+}

main/ui/src/main/java/org/cryptomator/ui/vaultoptions/GeneralVaultOptionsController.java

@@ -2,24 +2,56 @@ package org.cryptomator.ui.vaultoptions;
 
 import javafx.fxml.FXML;
 import javafx.scene.control.CheckBox;
+import javafx.scene.control.ChoiceBox;
+import javafx.util.StringConverter;
+import org.cryptomator.common.settings.UiTheme;
+import org.cryptomator.common.settings.WhenUnlocked;
 import org.cryptomator.common.vaults.Vault;
 import org.cryptomator.ui.common.FxController;
 
 import javax.inject.Inject;
+import java.util.ResourceBundle;
 
 @VaultOptionsScoped
 public class GeneralVaultOptionsController implements FxController {
 
 	private final Vault vault;
+	private final ResourceBundle resourceBundle;
+
 	public CheckBox unlockOnStartupCheckbox;
+	public ChoiceBox<WhenUnlocked> actionAfterUnlockChoiceBox;
 
 	@Inject
-	GeneralVaultOptionsController(@VaultOptionsWindow Vault vault) {
+	GeneralVaultOptionsController(@VaultOptionsWindow Vault vault, ResourceBundle resourceBundle) {
 		this.vault = vault;
+		this.resourceBundle = resourceBundle;
 	}
 
 	@FXML
 	public void initialize() {
 		unlockOnStartupCheckbox.selectedProperty().bindBidirectional(vault.getVaultSettings().unlockAfterStartup());
+		actionAfterUnlockChoiceBox.getItems().addAll(WhenUnlocked.values());
+		actionAfterUnlockChoiceBox.valueProperty().bindBidirectional(vault.getVaultSettings().actionAfterUnlock());
+		actionAfterUnlockChoiceBox.setConverter(new WhenUnlockedConverter(resourceBundle));
 	}
+
+	private static class WhenUnlockedConverter extends StringConverter<WhenUnlocked> {
+		
+		private final ResourceBundle resourceBundle;
+
+		public WhenUnlockedConverter(ResourceBundle resourceBundle) {
+			this.resourceBundle = resourceBundle;
+		}
+
+		@Override
+		public String toString(WhenUnlocked obj) {
+			return resourceBundle.getString(obj.getDisplayName());
+		}
+
+		@Override
+		public WhenUnlocked fromString(String string) {
+			throw new UnsupportedOperationException();
+		}
+	}
+
 }

main/ui/src/main/java/org/cryptomator/ui/vaultoptions/MountOptionsController.java

@@ -85,7 +85,7 @@ public class MountOptionsController implements FxController {
 		driveLetterSelection.setConverter(new WinDriveLetterLabelConverter(windowsDriveLetters, resourceBundle));
 		driveLetterSelection.setValue(vault.getVaultSettings().winDriveLetter().get());
 
-		if (vault.getVaultSettings().usesIndividualMountPath().get()) {
+		if (vault.getVaultSettings().useCustomMountPath().get()) {
 			mountPoint.selectToggle(mountPointCustomDir);
 		} else if (!Strings.isNullOrEmpty(vault.getVaultSettings().winDriveLetter().get())) {
 			mountPoint.selectToggle(mountPointWinDriveLetter);
@@ -93,7 +93,7 @@ public class MountOptionsController implements FxController {
 			mountPoint.selectToggle(mountPointAuto);
 		}
 
-		vault.getVaultSettings().usesIndividualMountPath().bind(mountPoint.selectedToggleProperty().isEqualTo(mountPointCustomDir));
+		vault.getVaultSettings().useCustomMountPath().bind(mountPoint.selectedToggleProperty().isEqualTo(mountPointCustomDir));
 		vault.getVaultSettings().winDriveLetter().bind( //
 				Bindings.when(mountPoint.selectedToggleProperty().isEqualTo(mountPointWinDriveLetter)) //
 						.then(driveLetterSelection.getSelectionModel().selectedItemProperty()) //
@@ -126,14 +126,14 @@ public class MountOptionsController implements FxController {
 		}
 		File file = directoryChooser.showDialog(window);
 		if (file != null) {
-			vault.getVaultSettings().individualMountPath().set(file.getAbsolutePath());
+			vault.getVaultSettings().customMountPath().set(file.getAbsolutePath());
 		} else {
-			vault.getVaultSettings().individualMountPath().set(null);
+			vault.getVaultSettings().customMountPath().set(null);
 		}
 	}
 
 	private void toggleMountPoint(@SuppressWarnings("unused") ObservableValue<? extends Toggle> observable, @SuppressWarnings("unused") Toggle oldValue, Toggle newValue) {
-		if (mountPointCustomDir.equals(newValue) && Strings.isNullOrEmpty(vault.getVaultSettings().individualMountPath().get())) {
+		if (mountPointCustomDir.equals(newValue) && Strings.isNullOrEmpty(vault.getVaultSettings().customMountPath().get())) {
 			chooseCustomMountPoint();
 		}
 	}
@@ -186,11 +186,11 @@ public class MountOptionsController implements FxController {
 	}
 
 	public StringProperty customMountPathProperty() {
-		return vault.getVaultSettings().individualMountPath();
+		return vault.getVaultSettings().customMountPath();
 	}
 
 	public String getCustomMountPath() {
-		return vault.getVaultSettings().individualMountPath().get();
+		return vault.getVaultSettings().customMountPath().get();
 	}
 
 }

main/ui/src/main/java/org/cryptomator/ui/vaultoptions/VaultOptionsModule.java

@@ -16,6 +16,7 @@ import org.cryptomator.ui.common.FxController;
 import org.cryptomator.ui.common.FxControllerKey;
 import org.cryptomator.ui.common.FxmlFile;
 import org.cryptomator.ui.common.FxmlScene;
+import org.cryptomator.ui.common.StageFactory;
 import org.cryptomator.ui.mainwindow.MainWindow;
 import org.cryptomator.ui.recoverykey.RecoveryKeyComponent;
 
@@ -38,15 +39,14 @@ abstract class VaultOptionsModule {
 	@Provides
 	@VaultOptionsWindow
 	@VaultOptionsScoped
-	static Stage provideStage(@MainWindow Stage owner, @VaultOptionsWindow Vault vault, ResourceBundle resourceBundle, @Named("windowIcons") List<Image> windowIcons) {
-		Stage stage = new Stage();
+	static Stage provideStage(StageFactory factory, @MainWindow Stage owner, @VaultOptionsWindow Vault vault) {
+		Stage stage = factory.create();
 		stage.setTitle(vault.getDisplayableName());
 		stage.setResizable(true);
 		stage.setMinWidth(400);
 		stage.setMinHeight(300);
 		stage.initModality(Modality.WINDOW_MODAL);
 		stage.initOwner(owner);
-		stage.getIcons().addAll(windowIcons);
 		return stage;
 	}
 

main/ui/src/main/java/org/cryptomator/ui/wrongfilealert/WrongFileAlertModule.java

@@ -14,6 +14,7 @@ import org.cryptomator.ui.common.FxController;
 import org.cryptomator.ui.common.FxControllerKey;
 import org.cryptomator.ui.common.FxmlFile;
 import org.cryptomator.ui.common.FxmlScene;
+import org.cryptomator.ui.common.StageFactory;
 import org.cryptomator.ui.mainwindow.MainWindow;
 
 import javax.inject.Named;
@@ -35,13 +36,12 @@ abstract class WrongFileAlertModule {
 	@Provides
 	@WrongFileAlertWindow
 	@WrongFileAlertScoped
-	static Stage provideStage(@MainWindow Stage mainWindow, ResourceBundle resourceBundle, @Named("windowIcons") List<Image> windowIcons) {
-		Stage stage = new Stage();
+	static Stage provideStage(StageFactory factory, @MainWindow Stage mainWindow, ResourceBundle resourceBundle) {
+		Stage stage = factory.create();
 		stage.setTitle(resourceBundle.getString("wrongFileAlert.title"));
 		stage.setResizable(false);
 		stage.initOwner(mainWindow);
 		stage.initModality(Modality.WINDOW_MODAL);
-		stage.getIcons().addAll(windowIcons);
 		return stage;
 	}
 

main/ui/src/main/resources/fxml/unlock.fxml

@@ -21,15 +21,15 @@
 	<children>
 		<VBox spacing="6">
 			<FormattedLabel format="%unlock.passwordPrompt" arg1="${controller.vault.displayableName}" wrapText="true"/>
-			<NiceSecurePasswordField fx:id="passwordField"/>
-			<CheckBox fx:id="savePassword" text="%unlock.savePassword" onAction="#didClickSavePasswordCheckbox" disable="${controller.vault.processing}" visible="${controller.keychainAccessAvailable}"/>
+			<NiceSecurePasswordField fx:id="passwordField" disable="${controller.userInteractionDisabled}"/>
+			<CheckBox fx:id="savePasswordCheckbox" text="%unlock.savePassword" onAction="#didClickSavePasswordCheckbox" disable="${controller.userInteractionDisabled}" visible="${controller.keychainAccessAvailable}"/>
 		</VBox>
 
 		<VBox alignment="BOTTOM_CENTER" VBox.vgrow="ALWAYS">
 			<ButtonBar buttonMinWidth="120" buttonOrder="+CI">
 				<buttons>
-					<Button text="%generic.button.cancel" ButtonBar.buttonData="CANCEL_CLOSE" cancelButton="true" onAction="#cancel" disable="${controller.vault.processing}"/>
-					<Button text="%unlock.unlockBtn" ButtonBar.buttonData="FINISH" defaultButton="true" onAction="#unlock" contentDisplay="${controller.unlockButtonState}" disable="${controller.unlockButtonDisabled}">
+					<Button text="%generic.button.cancel" ButtonBar.buttonData="CANCEL_CLOSE" cancelButton="true" onAction="#cancel" disable="${controller.userInteractionDisabled}"/>
+					<Button text="%unlock.unlockBtn" ButtonBar.buttonData="FINISH" defaultButton="true" onAction="#unlock" contentDisplay="${controller.unlockButtonContentDisplay}" disable="${controller.unlockButtonDisabled}">
 						<graphic>
 							<ProgressIndicator progress="-1" prefWidth="12" prefHeight="12"/>
 						</graphic>

main/ui/src/main/resources/fxml/unlock_success.fxml

@@ -10,6 +10,7 @@
 <?import javafx.scene.shape.Circle?>
 <?import org.cryptomator.ui.controls.FontAwesome5IconView?>
 <?import org.cryptomator.ui.controls.FormattedLabel?>
+<?import javafx.scene.control.CheckBox?>
 <VBox xmlns="http://javafx.com/javafx"
 	  xmlns:fx="http://javafx.com/fxml"
 	  fx:controller="org.cryptomator.ui.unlock.UnlockSuccessController"
@@ -26,7 +27,10 @@
 				<Circle styleClass="glyph-icon-primary" radius="24"/>
 				<FontAwesome5IconView styleClass="glyph-icon-white" glyph="CHECK" glyphSize="24"/>
 			</StackPane>
-			<FormattedLabel format="%unlock.success.message" arg1="${controller.vault.displayableName}" wrapText="true" HBox.hgrow="ALWAYS"/>
+			<VBox spacing="6">
+				<FormattedLabel format="%unlock.success.message" arg1="${controller.vault.displayableName}" wrapText="true" HBox.hgrow="ALWAYS"/>
+				<CheckBox text="%unlock.success.rememberChoice" fx:id="rememberChoiceCheckbox"/>
+			</VBox>
 		</HBox>
 
 		<VBox alignment="BOTTOM_CENTER" VBox.vgrow="ALWAYS">

main/ui/src/main/resources/fxml/vault_options_general.fxml

@@ -3,6 +3,9 @@
 <?import javafx.geometry.Insets?>
 <?import javafx.scene.control.CheckBox?>
 <?import javafx.scene.layout.VBox?>
+<?import javafx.scene.control.ChoiceBox?>
+<?import javafx.scene.layout.HBox?>
+<?import javafx.scene.control.Label?>
 <VBox xmlns="http://javafx.com/javafx"
 	  xmlns:fx="http://javafx.com/fxml"
 	  fx:controller="org.cryptomator.ui.vaultoptions.GeneralVaultOptionsController"
@@ -12,5 +15,10 @@
 	</padding>
 	<children>
 		<CheckBox text="%vaultOptions.general.unlockAfterStartup" fx:id="unlockOnStartupCheckbox"/>
+
+		<HBox spacing="6" alignment="CENTER_LEFT">
+			<Label text="%vaultOptions.general.actionAfterUnlock"/>
+			<ChoiceBox fx:id="actionAfterUnlockChoiceBox"/>
+		</HBox>
 	</children>
 </VBox>

main/ui/src/main/resources/i18n/strings.properties

@@ -96,6 +96,7 @@ unlock.savePassword=Save Password
 unlock.unlockBtn=Unlock
 ## Success
 unlock.success.message=Unlocked "%s" successfully! Your vault is now accessible.
+unlock.success.rememberChoice=Remember choice, don't show this again
 unlock.success.revealBtn=Reveal Vault
 ## Invalid Mount Point
 unlock.error.invalidMountPoint=Mount point is not an empty directory: %s
@@ -206,6 +207,10 @@ wrongFileAlert.link=For further assistance, visit
 ## General
 vaultOptions.general=General
 vaultOptions.general.unlockAfterStartup=Unlock vault when starting Cryptomator
+vaultOptions.general.actionAfterUnlock=After successful unlock
+vaultOptions.general.actionAfterUnlock.ignore=Do nothing
+vaultOptions.general.actionAfterUnlock.reveal=Reveal Drive
+vaultOptions.general.actionAfterUnlock.ask=Ask
 ## Mount
 vaultOptions.mount=Mounting
 vaultOptions.mount.readonly=Read-Only

main/ui/src/test/java/org/cryptomator/ui/controls/SecurePasswordFieldTest.java

@@ -152,7 +152,7 @@ class SecurePasswordFieldTest {
 
 		CharSequence result1 = pwField.getCharacters();
 		Assertions.assertEquals("topSecret", result1.toString());
-		pwField.swipe();
+		pwField.wipe();
 		CharSequence result2 = pwField.getCharacters();
 		Assertions.assertEquals("         ", result1.toString());
 		Assertions.assertEquals("", result2.toString());