Not sure about Android but, for iOS users, it makes no sense trusting open source software. So, even if you choose strongbox or keepassium as they’re open source you’re still trusting some dude as you have no option to verify that the iOS build is the same as the build on github.
This is why I prefer to give my password to a company like Bitwarden and 1Password. At least, they have less incentive to be malicious than random dude on the store.
- A random dude behind an LLC is still a random dude — but now with limited liability :)
- There is a fake "KeePass" app in the AppStore. It is published by a company.
Perhaps time is more important for reputation than being incorporated?
This is why I prefer to give my password to a company like Bitwarden and 1Password. At least, they have less incentive to be malicious than random dude on the store.