Add automatic security update check
That's true in an ivory tower. In real life, people don't want to type long passwords, and if they're forced to use them, they store them in passwords.xls. That's why clever people started using multiple rounds for password hashing in 1979.
As a side note: a YARA rule so organizations can find the weak kdbx files on their devices: https://github.com/Neo23x0/signature-base/blob/master/yara/vuln_keepass_brute_forcible.yar Its hits on VirusTotal: https://www.virustotal.com/gui/search/vuln_keepass_db_brute_forcible/comments
The idea of warning the users is great, as I've seen many old .kdbx still in use by our admins with 6.000 iterations. A single Nvidia 3060 cracks them at 200k/s so the biggest wordlists from weakpass.com are done in 3 days.
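An added example, not part of the thread and not the KeePass project's or the linked YARA rule's code: a check that reads the AES-KDF round count from a KDBX 3.x outer header so old databases with low iteration counts can be flagged. The function names, the `MIN_ROUNDS` threshold and the sample header are assumptions made for illustration; KDBX 4 stores its KDF parameters differently and is rejected here.

```python
import struct

KDBX_SIG1 = 0x9AA2D903        # KeePass 2.x primary signature
KDBX_SIG2 = 0xB54BFB67        # KDBX secondary signature
FIELD_END = 0                 # end-of-header field id
FIELD_TRANSFORM_ROUNDS = 6    # AES-KDF round count (uint64, little-endian)
MIN_ROUNDS = 600_000          # assumed policy threshold, set your own baseline


def kdbx3_transform_rounds(data: bytes) -> int:
    """Return the AES-KDF round count stored in a KDBX 3.x header."""
    if len(data) < 12:
        raise ValueError("too short for a KDBX header")
    sig1, sig2, _minor, major = struct.unpack_from("<IIHH", data, 0)
    if (sig1, sig2) != (KDBX_SIG1, KDBX_SIG2):
        raise ValueError("not a KDBX file")
    if major != 3:
        raise ValueError(f"KDBX major version {major} is not handled here")
    pos = 12
    # KDBX 3.x header fields: 1-byte id, 2-byte length, then the value.
    while pos + 3 <= len(data):
        field_id, length = struct.unpack_from("<BH", data, pos)
        pos += 3
        value = data[pos:pos + length]
        if len(value) != length:
            break                      # truncated header
        pos += length
        if field_id == FIELD_TRANSFORM_ROUNDS and length == 8:
            return struct.unpack("<Q", value)[0]
        if field_id == FIELD_END:
            break
    raise ValueError("TransformRounds field not found")


def is_weak(data: bytes, minimum: int = MIN_ROUNDS) -> bool:
    """True when the database uses fewer KDF rounds than the policy minimum."""
    return kdbx3_transform_rounds(data) < minimum


def build_sample_header(rounds: int) -> bytes:
    """Constructed sample input: a minimal KDBX 3.1 header with no payload."""
    def field(fid: int, value: bytes) -> bytes:
        return struct.pack("<BH", fid, len(value)) + value
    return (struct.pack("<IIHH", KDBX_SIG1, KDBX_SIG2, 1, 3)
            + field(4, bytes(32))                    # master seed (zeros)
            + field(6, struct.pack("<Q", rounds))    # transform rounds
            + field(0, b"\r\n\r\n"))                 # end of header
```

For a real file, pass the first few kilobytes read in binary mode; the header is unencrypted, so no password is needed for this check.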