Please add an auto-delete function after password fail attempts

[seularts]

Before using KeePassXC I used to have this stand-alone password manager app just for the phone that had this simple optional function of auto-delete the database after x amount of fail login attempts. I think this should be here as well as it is a good way of preventing someone from bruteforcing your database! As an extra idea: you could add an additional option to hide the number of attempts so the individual doesn't realize he is about to auto-delete everything. I know that some smart would make copies before attempting this, but it's a nice way of having some more security!

[michaelk83]

I can already see the complaints from the users who didn't backup their database, and mistyped the passphrase a few times, and OOPS!
This gives you exactly zero extra security, since taking a backup first is trivial, and any competent user - let alone an attacker - would always have at least one backup. If you want to protect yourself against brute-force attacks, just use a long enough passphrase. The algorithms are already designed to make brute-forcing impractical if the passphrase is strong enough.
This is a terrible idea.

[michaelk83]

A more sensible option would be to forbid further login attempts for the next 24 hours or so. But that's not particularly useful for most users, either.

Bottom line is - if your spouse/friends know your passphrase, even a self-destruct won't help you; if they don't, your passwords will still be safe without deleting the file. But if you've surrounded yourself with people who don't respect your privacy and personal space, or that you feel like you need to hide things from (especially your spouse), you have far bigger problems than your passwords database.

[seularts]

Auto-deleting my nosy friends is not an option. But yeah, it was just an idea I threw in the ring, please don't hate me for it :)

[michaelk83]

No hate intended.

[droidmonkey]

the devs could simply say no and I will move on with my life.

No

[seularts]

As promised devs, I am moving on with my life 🍡

[phoerious]

This protects against nothing. The difficult part is getting access to your computer and whoever is successful in that will not be trying to bruteforce your database on your computer by entering a billion password attempts by hand.