Andrei

Unless the password contains a colon symbol (:), in which case iOS will mess up capitalization of pasted text.

The company behind seems like a legit French startup founded in 2017, some article mentions there 15 employees. The name choice was surely not accidental and is definitely a sleazy, unethical tactic. But legally they are in the clear: nobody has exclusive rights to the name. Dominik could push them back by registering "keepass" as a trademark early on. But today this would be a slow and expensive process.

Unfortunately, it's not that easy. Yes, the icon is similar, but KeePass' icon is covered by the project's GPL license which explicitly allows derived works. Yes, KPass violates the license by not crediting the original and not publishing the source of their icon — but this is not a clear-cut copyright violation, so Google won't intervene without legal paperwork. Which is just not worth the trouble. An easy(-ier) solution would be if the logo and/or name were registered trademarks. Both Google and...

It is compatible, so indeed related in a way. But the icon is only a tip of the iceberg, it gets much uglier.

KeePass is a Windows application. Which phone app you use?

most powerful computer imaginable Let's not forget about GPUs and ASICs. Consider we take AES-KDF and Argon2 with iteration count that makes them run 1 second on an average desktop. Calculating AES-KDF requires about 2*320 = 640 bytes of RAM. Argon2's memory is configurable, let's assume a mobile-friendly value of 32 MB. A GPU like Nvidia H100 has 80 GB of RAM. So it can simultaneously brute-force 125M keys with AES-KDF and only 2.5K with Argon2 (that's 80e9/640 vs 80e9/32e6). That is, Argon2 is...

Enforcing a strong master key is only part of solution. Given a strong master key, a strong KDF (Argon2id) is better than weak KDF (AES-KDF).

Thomas, do you mind if I ask you now? I'm facing this very problem — constraining the KDF in managed configuration — but from developer's perspective. It would be very useful to know your expectations as an administrator. Do you need only to enforce specific KDF (e.g. Argon2id), or also its parameters? If the latter, does it have to be a range of allowed values (for users to customize), or just fixed values decided by you?