German security researchers have analyzed the security of 9 popular password managers on Android and found vulnerabilities in all of them. Some password managers stored passwords in plaintext or had hardcoded encryption keys in the source code.
I find it interesting that KeePass wasn’t mentioned. I guess I’m kind of relieved, since KeePass may have passed their tests, but also kind of worried, since it’s equally possible these researchers didn’t bother to test KeePass.
Those are ports not the actual Keepass that is for Windows. So one should separate what is the actual Keepass from the ported version. Those come off as “Contributed/Unofficial KeePass Ports”.
That is a good point.