I have confirmed that you can set the iterations to a value higher than the specified max=10 if one types the number into the field instead of using the up-arrow to increase the value (using the up-arrow, the value cannot be incremented past 10 iterations).
Interestingly, if entering a value smaller than the specified min=2 (i.e., 1 iteration), then there is an error message (“Argon2 iteration minimum is 2”) when clicking Change KDF after entering the Master Password. Such an error is not shown when surpassing the max.
Edited to Add: Seems like some code of the form
else if (kdfConfig.iterations > 10) {
throw new Error("Argon2 iteration maximum is 10.");
}
needs to be added at the end of Line 432 in crypto.service.ts. Beyond that, shouldn’t these input conditioning checks use the min and max variables that are defined in change-kdf.component.html — or even better, as constants defined in kdf-type.enum.ts — instead of hardcoding the numerical values of these limits?