The Open Source nature of the software is explained at Open Source | Kee Vault Ltd. So yes, you can audit everything that goes anywhere near your passwords. Please feel free to undertake a 3rd party audit and share your results with the open source community.
and the wording makes it sounds as if it will not work with KeePass by default any-more until after the user goes through a trial period with Kee Vault first.
I don’t see how it can be interpreted in that way. Can you suggest what words should be changed so that you don’t get this impression?
It can now send & receive that same information to an unrelated, unauthorised, online service - Kee Vault.
Again, that’s not what is intended from the quote you supplied and I can’t see how it can be interpreted in the way you suggest. Care to elaborate?
It can now send & receive that same information…
That’s not correct. I’m interested in what makes you think that is the case?
In short, we don’t want a plugin that sends passwords to a 3rd party server or a 3rd party application, even if it’s only meant to do it when “authorised”.
Kee does not and will never do that. Beyond it being open source and therefore auditable, there’s nothing more anyone can do to re-assure you this won’t change in future - you won’t find any better assurances from any other software.
I can assure you that I spent many weeks developing and refining the wording of these various messages and received positive feedback from many people. However, I am not surprised that when delivering this information to tens of thousands of people, some have interpreted it in a different way; contrary to some suggestions, I’m not ascribing any blame for this to users - it’s just a fact of life. Yes, it would be nice to eliminate such misunderstandings completely, and yes the responsibility for doing so lies with me; I don’t think it is possible to reach a perfect 100% score on this but I am genuinely sorry to anyone that has been adversely affected by any imperfect messages and remain keen to make improvements where possible.
I understand the need to view changes to security software with suspicion but I do hope these assumptions of malice can be replaced with some constructive suggestions. For example, rather than complaining about Firefox/Chrome’s auto-update behaviour for extensions, you might want to help with my efforts to develop an improvement.