Let’s clarify what you were doing (and wish to continue to do). There is no such thing as login with Windows Hello for the Bitwarden Desktop app, so presumably, you were using the “Unlock with Biometrics” option to unlock the Desktop app, which you were leaving in a logged-in state (but possibly closed/not running).
Unless I have completely misunderstood what you are complaining about, I believe that you had disabled the security feature “Require Master Password on Restart”, allowing you to also unlock the Desktop app using Windows Hello when you restart the closed app.
As explained here, disabling “Require Master Password on Restart” weakens the security of your vault data. With such a configuration, an attacker who tricks you into completing a Windows Hello authorization (perhaps when you’re not even trying to access your vault, thereby catching you off-guard) will be easily able to steal and decrypt your vault contents, whether your Desktop app is running or not.
As of version 2025.8.0, to access and decrypt your vault data while the Desktop app is open but locked, an attacker would need to do two things: (1) Trick you into completing a Windows Hello authorization; and (2) Do a memory dump and find the clientKeyHalf. If the Desktop app is closed, then the attacker will be unable to decrypt your vault contents unless they can obtain or guess your master password (or PIN, if you have enabled PIN unlock).
In contrast, as explained above, if you disabled “Require Master Password on Restart” on versions prior to 2025.8.0, then the attacker would only need to trick you into completing a Windows Hello authorization, whether the Desktop app is open or closed during said attack. This would give them full access to your decrypted vault contents.
So, the bottom line is that leaving the version 2025.8.0 Desktop app locked and running in the background (perhaps minimized to the tray icon) is somewhat more secure than keeping a pre-2025.8.0 Desktop app closed and unlocking it with biometrics on each restart.
It does say it: The sentence “Password or PIN now always required on Windows” (which you had trouble understanding) says that when restarting a closed Desktop app, entry of the master password or a PIN is “now always required on Windows”. Clearly, this implies that biometrics is no longer an option for unlocking a Desktop app on restart.