Has Strongbox Ever Been Audited?

No, Strongbox has not received any independent audits. We would certainly like to have an audit done and are looking at options. Strongbox is a small independent startup company at the moment and we don't have the resources to hire an independent audit firm for this. We are open to any and all suggestions for how we can have this done in an efficient and economic manner. Strongbox is however open source and the source code is available for inspection online. Further the database formats and cryptographic algorithms used by Strongbox have been audited, and are open standards.

Further Info:
A full security audit of the Password Safe design can be found here:


Strongbox is a client built for the Password Safe file format, and is compatible with any other password safe applications. This format was designed by renowned security expert Bruce Schneier. A more general answer to the question can be found here:


The original KeePass app and format have also been audited and those results are available here:


Source Code
You can also find all the code for Strongbox online at: