I’m a bit unsure if letting users vote on such important security features is a good idea. Those should always be higher up on the todo list than the “normal” feature requests.
And IF you want users to vote on these things, the feature should at least be explained in a way, that normal users (=non-developers) understand the added security provided by this feature and thus the importance.
well it seems from the votes that lots of users understand the importance of this feature, but i agree this is vitally important, especially since the default amount used today is pretty low for modern standards
Besides the increased security of having more iterations, Is there added security to users having different numbers of iterations?
IOW, if an attacker knows everyone is using 5000 iterations, is it easier to coordinate an attack versus attacking a system in which users are using different numbers of iterations (with a minimum of 5000)?
This feature request “mirrors” the PIM feature on VeraCrypt’s encrypted vaults. The personal iteration manager (PIM) lets users specify the exact needed iteration count and an adversary would not know the count needed. It greatly increases/fortifies the strength of the vault firewall.
Preliminary support for this feature will be available in the next app releases. Once the updates have propagated throughout we will enable the ability to alter a setting from the web vault for 5,000 - 1,000,000 iterations.