J-Jamet
commented
2 years ago https://github.com/Kunzisoft/KeePassDX/blob/0ef574d67525073a6536bd3b0fe554b9190bd599/app/src/main/java/com/kunzisoft/keepass/password/PasswordEntropy.kt#L79 The entropy is not calculated by KeePassDX but by the automatic generation library Nbvcxz.
You can compare the calculation methods from the library code and from KeePassXC to see what the differences are. Personally, as long as there is an order of magnitude even if the calculation is less permissive on KeePassDX, I don't have a problem because it encourages to generate larger passwords.
Edit : Also, to compare, putting the same options is not enough because of the randomness, the generated password will not be the same so obviously will not have the same entropy, it is necessary to copy the same password in the two entropy calculators.
pinckpockett
When using the password generator to generate a password. The entropy is weaker then compared to KeepassXC.
For example, I generated a 30 length password with numbers, letters, -, _, special characters and some of the other options. I got an entropy of 300-320 bit range on KeepassXC.
I chose the same options on KeepassDX and my entropy was 190-210 bit range.
You can replicate this by choosing the exact same options on both KeepassXC and KeepassDX. Then making the password length 25 or higher. I Haven't tried with shorter lengths because I dont generate shorter lengths then that. But the same will probably apply. The entropy will be a lot weaker on KeepassDX. Is their a reason for this? Can it be fixed or is it a mobile thing?