[pcthrowaway]

Oh for sure, KeepassXC has some UI issues. And in this case, a glaring bug, thank you for making me aware of it! It looks like there are workarounds, though I'm not sure how much I like them.

I've already been doing manual backups. In addition, there is a feature to make a copy of the database before writing that I've just turned on. And the "Use alternative saving method -> Directly write to database file (dangerous)" option is supposed to prevent this issue from happening with cloud storage.

I wasn't in any way arguing KeepassXC is a layperson-friendly way to manage authentication credentials, just that it gives you the most security from the big identity providers (Apple, Google) selling you out for political or selfish reasons.

Of course, there's probably only so much I can do here. Apple could presumable ship an update to their OS that allows them to access a user's database while it's unlocked, or to keylog the master password.

A yubikey might be the only thing that can really protect you here.