Appearance
Has KeePassium been audited?
Yes, KeePassium has been audited by specialized cybersecurity firms. So far, this is the only KeePass-compatible mobile app with an independent security audit.
In October 2024, KeePassium was audited by Cure53, a reputable cybersecurity firm based in Germany. They had full source code and spent 10 days analyzing the app. The most sensitive finding was that the app allowed weak master passwords without a warning. All the issues were fixed in the next app update.
Full report: KeePassium audit report by Cure53 (October 2024)
In July 2024, KeePassium received CASA Tier 2 certification from TAC Security, Google's CASA authorized partner. While CASA stands for "Cloud Application Security Assessment" and KeePassium is no cloud application, this certificate is required for any app that communicates with Google Drive API. KeePassium scored 9.7 out of 10.
Full report: CASA Tier 2 report by TAC Security (July 2024)