Kunzisoft / KeePassDX

Lightweight vault and password manager for Android. KeePassDX allows editing encrypted data in a single file in KeePass format and filling in forms in a secure way.
https://www.keepassdx.com/
GNU General Public License v3.0
4.55k stars 269 forks

Provide SHA256 fingerprint of KeePass Apks. #1732

ghost closed 9 months ago

ghost commented 9 months ago

The signature of KeePassDX is useful to verify that the apk hasn’t been compromised in any way.

Projects like Signal or ProtonApps provide the fingerprint. Since KeePassDX is used to manage sensitive data, it could be useful to verify the apk. Ideally, you would post the fingerprint in different places (GitHub, your personal website, Twitter, Mastodon and so on) so we don’t have to trust the server.

Also, there is a really cool project called AppVerifier (https://github.com/soupslurpr/AppVerifier/commits/master/) which can easily check whether the signature of an application is the right one or not.
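
The check requested above, as an added example that is not part of the original thread or of KeePassDX: it parses the output of `apksigner verify --print-certs`, normalizes fingerprints published in different formats, and accepts the APK only when several independent sources agree with each other and with the APK's signer. The digest, the sample output and the channel names are constructed placeholders, and the one-signer policy is an assumption.

```python
import re

# Constructed placeholder digest (NOT KeePassDX's real signing certificate).
FP = "00112233445566778899aabbccddeeff" * 2

# Constructed sample of `apksigner verify --print-certs <apk>` output.
SAMPLE_OUTPUT = f"""\
Signer #1 certificate DN: CN=Example Developer
Signer #1 certificate SHA-256 digest: {FP}
Signer #1 certificate SHA-1 digest: {FP[:40]}
"""

# Constructed: the same fingerprint as different channels might format it.
PUBLISHED = {
    "github": ":".join(FP[i:i + 2] for i in range(0, 64, 2)).upper(),
    "website": FP,
    "mastodon": " ".join(FP[i:i + 4] for i in range(0, 64, 4)),
}

DIGEST_LINE = re.compile(r"^Signer #\d+ certificate SHA-256 digest:\s*(\S+)\s*$", re.M)


def normalize(fp):
    """Drop separators and case so differently formatted copies compare equal."""
    hexed = re.sub(r"[\s:]", "", fp).lower()
    if not re.fullmatch(r"[0-9a-f]{64}", hexed):
        raise ValueError(f"not a SHA-256 fingerprint: {fp!r}")
    return hexed


def verify(apksigner_output, published, min_sources=2):
    """Return (ok, reason) for one APK against independently published pins."""
    digests = [normalize(d) for d in DIGEST_LINE.findall(apksigner_output)]
    if len(digests) != 1:  # policy assumed here: exactly one signer expected
        return False, f"expected one signer, found {len(digests)}"
    pins = {name: normalize(fp) for name, fp in published.items()}
    if len(pins) < min_sources:
        return False, "too few independent sources to cross-check"
    if len(set(pins.values())) != 1:
        return False, "published sources disagree; trust none of them yet"
    if digests[0] not in pins.values():
        return False, "APK signer does not match the published fingerprint"
    return True, f"signer matches all {len(pins)} sources"


if __name__ == "__main__":
    print(verify(SAMPLE_OUTPUT, PUBLISHED))
```
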

J-Jamet commented 8 months ago

https://github.com/Kunzisoft/KeePassDX/issues/1416