Summary
Suggest upgrading the KDF to the currently recommended algorithm. Users unfamiliar with cryptography will not be able to discern possible attack vectors for access to their encrypted data otherwise.
Examples
-
Context
I recently checked what KDF my KDBX 4 database was using and realized it was AES-KDF and not Argon2id (like I would have expected). I acknowledge that there are compatibility concerns when using a newer KDF by default, but compatibility with other password managers is not something I personally care about. This is something I would want KeePassXC to notify me about, and ideally provide an easy upgrade path (easier than going into the advanced database encryption settings).
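The check requested above can be made without unlocking the database, because KDBX 4 records the KDF in its unencrypted outer header. The following is an added example, not part of the original issue and not KeePassXC code: the function names are hypothetical, the header layout and KDF UUIDs are those of the KDBX 4 format as I know them, and the sample header is constructed.

```python
import struct
import uuid

KDBX_MAGIC = bytes.fromhex("03d9a29a67fb4bb5")   # two little-endian signature words
KDF_PARAMETERS = 11                               # outer header field id
KDF_NAMES = {                                     # "$UUID" values, RFC 4122 byte order
    "c9d9f39a-628a-4460-bf74-0d08c18a4fea": "AES-KDF",
    "7c02bb82-79a7-4ac0-927d-114a00648238": "AES-KDF",   # id KeePassXC writes for KDBX 4
    "ef636ddf-8c29-444b-91f7-a9a403e30a0c": "Argon2d",
    "9e298b19-56db-4773-b23d-fc3ec6f0a1e6": "Argon2id",
}

def parse_variant_dict(blob):
    """Decode a KDBX 4 VariantDictionary into {key: raw value bytes}."""
    if len(blob) < 2 or blob[1] != 1:             # high byte is the major version
        raise ValueError("unsupported VariantDictionary")
    pos, items = 2, {}
    while pos < len(blob) and blob[pos] != 0:     # type 0 terminates the dictionary
        (klen,) = struct.unpack_from("<i", blob, pos + 1)
        key = blob[pos + 5:pos + 5 + klen].decode("utf-8")
        (vlen,) = struct.unpack_from("<i", blob, pos + 5 + klen)
        start = pos + 9 + klen
        items[key] = blob[start:start + vlen]
        pos = start + vlen
    return items

def kdbx4_kdf(data):
    """Return the KDF name recorded in the unencrypted KDBX 4 header."""
    if len(data) < 12 or data[:8] != KDBX_MAGIC or struct.unpack_from("<H", data, 10)[0] != 4:
        raise ValueError("not a KDBX 4 file")
    pos = 12
    while pos + 5 <= len(data):
        field_id, size = struct.unpack_from("<BI", data, pos)   # 1-byte id, 4-byte length
        if field_id == 0:                                       # end of header
            break
        if field_id == KDF_PARAMETERS:
            raw = parse_variant_dict(data[pos + 5:pos + 5 + size]).get("$UUID", b"")
            if len(raw) != 16:
                raise ValueError("malformed KDF UUID")
            return KDF_NAMES.get(str(uuid.UUID(bytes=raw)), "unknown")
        pos += 5 + size
    raise ValueError("no KDF parameters in header")

def sample_header(kdf_uuid):   # constructed minimal header, not a real database
    entry = b"\x42" + struct.pack("<i", 5) + b"$UUID" + struct.pack("<i", 16) + uuid.UUID(kdf_uuid).bytes
    vdict = b"\x00\x01" + entry + b"\x00"
    field = struct.pack("<BI", KDF_PARAMETERS, len(vdict)) + vdict
    return KDBX_MAGIC + struct.pack("<I", 0x00040001) + field + struct.pack("<BI", 0, 0)
```

Passing the first few kilobytes of a `.kdbx` file to `kdbx4_kdf` is enough, and a result of `"AES-KDF"` is the case in which an upgrade prompt would apply.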