Merge branch 'release/2.9.9'

Replace strong tag
Merge branch 'develop' of https://hosted.weblate.org/git/keepass-dx/strings into translations
2025-12-04 15:49:33 +01:00 · 2021-01-14 14:46:46 +01:00 · 2021-01-14 13:50:41 +01:00 · 2021-01-14 13:46:56 +01:00 · 2021-01-14 13:23:35 +01:00 · 2021-01-14 11:48:44 +01:00
207 changed files with 7340 additions and 4084 deletions
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -20,7 +20,7 @@ Steps to reproduce the behavior:
 **Expected behavior**
 A clear and concise description of what you expected to happen.

-** Keepass Database **
+**KeePass Database**
 - Created with: [e.g Windows KeePass 2.42]
 - Version: [e.g. 2]
 - Location: [e.g. Remote file retrieved with GDrive app]
--- a/49
+++ b/49
@@ -1,3 +1,52 @@
+KeePassDX(2.9.9)
+ * Detect file changes and reload database #794
+ * Inline suggestions autofill with compatible keyboard (Android R) #827
+ * Add Keyfile XML version 2 #844
+ * Fix binaries of 64 bytes #835
+ * Special search in title fields #830
+ * Priority to OTP button in notifications #845
+ * Fix OTP generation for long secret key #848
+ * Fix small bugs #849
+
+KeePassDX(2.9.8)
+ * Fix specific attachments with kdbx3.1 databases #828
+ * Fix small bugs
+
+KeePassDX(2.9.7)
+ * Remove write permission since Android 10 #823
+ * Fix small bugs
+
+KeePassDX(2.9.6)
+ * Fix KeyFile bug #820
+
+KeePassDX(2.9.5)
+ * Unlock database by device credentials (PIN/Password/Pattern) with Android M+ #102 #152 #811
+ * Prevent auto switch back to previous keyboard if otp field exists #814
+ * Fix timeout reset #817
+
+KeePassDX(2.9.4)
+ * Fix small bugs #812
+ * Argon2ID implementation #791
+
+KeePassDX(2.9.3)
+ * Unlock database by device credentials (PIN/Password/Pattern) #779 #102
+ * Advanced unlock with timeout #102 #437 #566
+ * Remove default database parameter when the file is no longer accessible #803
+ * Move OTP button to the first view level in Magikeyboard #587
+ * Tooltips for Magikeyboard #586
+ * Fix small bugs #805
+
+KeePassDX(2.9.2)
+ * Managing OTP links from QR applications #556
+ * Prevent manual creation of existing field name #718
+ * Harmonization of field names #789
+ * Different channels for each type of notification #688
+ * Fix OTP #780 #781
+ * Fix same save shared info #783
+ * Fix switch back to previous keyboard #782
+ * Fix read only #792
+ * Better UI #719 #534 #617 #793
+
 KeePassDX(2.9.1)
 * Copy password from generator #697
 * Fix Magikeyboard not fully visible #772
--- a/1015
+++ b/1015
--- a/LICENSES/LICENSE_APACHE
+++ b/LICENSES/LICENSE_APACHE
@@ -0,0 +1,202 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
--- a/LICENSES/LICENSE_BOUNCY_CASTLE
+++ b/LICENSES/LICENSE_BOUNCY_CASTLE
@@ -0,0 +1,7 @@
+Copyright (c) 2000 - 2011 The Legion Of The Bouncy Castle (http://www.bouncycastle.org)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
--- a/LICENSES/LICENSE_FONT_FIRA_MONO_REGULAR.txt
+++ b/LICENSES/LICENSE_FONT_FIRA_MONO_REGULAR.txt
--- a/LICENSES/LICENSE_ICON_PACK_CLASSIC
+++ b/LICENSES/LICENSE_ICON_PACK_CLASSIC
@@ -0,0 +1,111 @@
+Files ic00.png to ic61.png under res/drawable, res/drawable-hdpi and res/drawable-ldpi
+
+TITLE:    NUVOLA ICON THEME for KDE 3.x
+AUTHOR:    David Vignoni | ICON KING
+SITE:    http://www.icon-king.com
+MAILING LIST: http://mail.icon-king.com/mailman/listinfo/nuvola_icon-king.com
+
+Copyright (c)  2003-2004  David Vignoni.
+
+This library is free software; you can redistribute it and/or
+modify it under the terms of the GNU Lesser General Public
+License as published by the Free Software Foundation,
+version 2.1 of the License.
+This library is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+Lesser General Public License for more details.
+You should have received a copy of the GNU Lesser General Public
+License along with this library (see the the license.txt file); if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+#######**** NOTE THIS ADD-ON ****#######
+The GNU Lesser General Public License or LGPL is written for software libraries
+in the first place. The LGPL has to be considered valid for this artwork
+library too.
+Nuvola icon theme for KDE 3.x is a special kind of software library, it is an
+artwork library, it's elements can be used in a Graphical User Interface, or
+GUI.
+Source code, for this library means:
+ - raster png image* .
+The LGPL in some sections obliges you to make the files carry
+notices. With images this is in some cases impossible or hardly usefull.
+With this library a notice is placed at a prominent place in the directory
+containing the elements. You may follow this practice.
+The exception in section 6 of the GNU Lesser General Public License covers
+the use of elements of this art library in a GUI.
+dave [at] icon-king.com
+
+Date:        15 october 2004
+Version:    1.0
+
+DESCRIPTION:
+
+Icon theme for KDE 3.x.
+Icons where designed using Adobe Illustrator, and then exported to PNG format.
+Icons shadows and minor corrections were done using Adobe Photoshop.
+Kiconedit was used to correct some 16x16 and 22x22 icons.
+
+LICENSE
+
+Released under GNU Lesser General Public License (LGPL)
+Look at the license.txt file.
+
+CONTACT
+
+David Vignoni
+e-mail :        david [at] icon-king.com
+ICQ :            117761009
+http:               http://www.icon-king.com
+
+---
+
+Files ic62.png under res/drawable, res/drawable-hdpi and res/drawable-ldpi
+
+Based on http://de.wikipedia.org/w/index.php?title=Datei:Tux.svg&filetimestamp=20090927073505
+
+The copyright holder of this file allows anyone to use it for any purpose, 
+provided that the copyright holders Larry Ewing, Simon Budig and
+Anja Gerwinski are mentioned.
+
+---
+
+Files ic63.png under res/drawable, res/drawable-hdpi and res/drawable-ldpi
+
+Based on http://en.wikipedia.org/wiki/File:ASF-logo.svg
+
+Apache logo
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License. You may
+obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+License for the specific language governing permissions and limitations under
+the License.
+
+---
+
+Files ic64.png under res/drawable, res/drawable-hdpi and res/drawable-ldpi
+
+Created by Jeremy JAMET and licensed under the terms of the GPLv3.
+
+---
+
+Files ic65.png, ic67.png and ic68.png under res/drawable, res/drawable-hdpi and res/drawable-ldpi
+
+Created by Tobias Selig and licensed under the terms of the GPLv2 or GPLv3.
+
+---
+
+File ic66.png under under res/drawable, res/drawable-hdpi and res/drawable-ldpi
+
+Based on http://commons.wikimedia.org/wiki/File:Dollar_symbol_gold.svg
+
+Author: Rugby471
+
+Permission is granted to copy, distribute and/or modify this document under
+the terms of the GNU Free Documentation License, Version 1.2 or any later
+version published by the Free Software Foundation; with no Invariant Sections,
+no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is
+included in the section entitled "GNU Free Documentation License".
+
+---
--- a/LICENSES/LICENSE_ICON_PACK_MATERIAL_FONT_AWESOME
+++ b/LICENSES/LICENSE_ICON_PACK_MATERIAL_FONT_AWESOME
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
-# Android KeepassDX
+# Android KeePassDX

-<img src="https://raw.githubusercontent.com/Kunzisoft/KeePassDX/master/art/icon.png"> KeepassDX is a **multi-format KeePass manager for Android devices**. The app allows creating keys and passwords in a secure way by integrating with the Android design standards.
+<img src="https://raw.githubusercontent.com/Kunzisoft/KeePassDX/master/art/icon.png"> KeePassDX is a **multi-format KeePass manager for Android devices**. The app allows creating keys and passwords in a secure way by integrating with the Android design standards.

 <img src="https://raw.githubusercontent.com/Kunzisoft/KeePassDX/master/art/screen.jpg" width="220">

@@ -19,7 +19,7 @@
 - Precise management of **settings**.
 - Code written in **native languages** *(Kotlin / Java / JNI / C)*.

-KeepassDX is **open source** and **ad-free**.
+KeePassDX is **open source** and **ad-free**.

 ## What is KeePassDX?

@@ -88,4 +88,4 @@ Other questions? You can read the [FAQ](https://github.com/Kunzisoft/KeePassDX/w
  You should have received a copy of the GNU General Public License
  along with KeePassDX.  If not, see <http://www.gnu.org/licenses/>.
  
-  *This project is a fork of [KeepassDroid](https://github.com/bpellin/keepassdroid) by bpellin.*
+  *This project is a fork of [KeePassDroid](https://github.com/bpellin/keepassdroid) by bpellin.*
--- a/_config.yml
+++ b/_config.yml
@@ -1 +0,0 @@
-theme: jekyll-theme-cayman
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -5,21 +5,22 @@ apply plugin: 'kotlin-kapt'

 android {
    compileSdkVersion 30
-    buildToolsVersion '30.0.2'
+    buildToolsVersion '30.0.3'
+    ndkVersion '21.3.6528147'

    defaultConfig {
        applicationId "com.kunzisoft.keepass"
        minSdkVersion 14
        targetSdkVersion 30
-        versionCode = 45
-        versionName = "2.9.1"
+        versionCode = 53
+        versionName = "2.9.9"
        multiDexEnabled true

        testApplicationId = "com.kunzisoft.keepass.tests"
        testInstrumentationRunner = "android.test.InstrumentationTestRunner"

        buildConfigField "String[]", "ICON_PACKS", "{\"classic\",\"material\"}"
-        manifestPlaceholders = [ googleAndroidBackupAPIKey:"" ]
+        manifestPlaceholders = [ googleAndroidBackupAPIKey:"unused" ]

        kapt {
            arguments {
@@ -91,16 +92,16 @@ android {
    }
 }

-def room_version = "2.2.5"
+def room_version = "2.2.6"

 dependencies {
    implementation "org.jetbrains.kotlin:kotlin-stdlib-jdk8:$kotlin_version"
    implementation 'androidx.appcompat:appcompat:1.2.0'
-    implementation 'androidx.preference:preference:1.1.1'
+    implementation 'androidx.preference:preference-ktx:1.1.1'
    implementation 'androidx.cardview:cardview:1.0.0'
-    implementation 'androidx.constraintlayout:constraintlayout:2.0.3'
+    implementation 'androidx.constraintlayout:constraintlayout:2.0.4'
    implementation 'androidx.documentfile:documentfile:1.0.1'
-    implementation 'androidx.biometric:biometric:1.1.0-beta01'
+    implementation 'androidx.biometric:biometric:1.1.0-rc01'
    // Lifecycle - LiveData - ViewModel - Coroutines
    implementation "androidx.core:core-ktx:1.3.2"
    implementation 'androidx.fragment:fragment-ktx:1.2.5'
@@ -109,6 +110,8 @@ dependencies {
    // Database
    implementation "androidx.room:room-runtime:$room_version"
    kapt "androidx.room:room-compiler:$room_version"
+    // Autofill
+    implementation "androidx.autofill:autofill:1.1.0-rc01"
    // Crypto
    implementation 'org.bouncycastle:bcprov-jdk15on:1.65.01'
    // Time
@@ -120,7 +123,7 @@ dependencies {
    // Apache Commons Collections
    implementation 'commons-collections:commons-collections:3.2.2'
    // Apache Commons Codec
-    implementation 'commons-codec:commons-codec:1.14'
+    implementation 'commons-codec:commons-codec:1.15'
    // Icon pack
    implementation project(path: ':icon-pack-classic')
    implementation project(path: ':icon-pack-material')
--- a/app/src/main/AndroidManifest.xml
+++ b/app/src/main/AndroidManifest.xml
@@ -14,10 +14,15 @@
        android:name="android.permission.USE_BIOMETRIC" />
    <uses-permission
        android:name="android.permission.VIBRATE"/>
+    <!-- Write permission until Android 10 -->
    <uses-permission
-        android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
+        android:name="android.permission.WRITE_EXTERNAL_STORAGE"
+        android:maxSdkVersion="28"
+        tools:ignore="ScopedStorage" />
+    <!-- Open apps from links -->
    <uses-permission
-        android:name="android.permission.QUERY_ALL_PACKAGES"/>
+        android:name="android.permission.QUERY_ALL_PACKAGES"
+        tools:ignore="QueryAllPackagesPermission" />

    <application
        android:label="@string/app_name"
@@ -150,6 +155,13 @@
                <category android:name="android.intent.category.DEFAULT" />
                <data android:mimeType="text/plain" />
            </intent-filter>
+            <intent-filter>
+                <action android:name="android.intent.action.VIEW" />
+                <category android:name="android.intent.category.DEFAULT" />
+                <category android:name="android.intent.category.BROWSABLE" />
+                <data android:scheme="otpauth" android:host="totp" />
+                <data android:scheme="otpauth" android:host="hotp" />
+            </intent-filter>
        </activity>
        <activity
            android:name="com.kunzisoft.keepass.activities.MagikeyboardLauncherActivity"
@@ -167,13 +179,17 @@
            android:enabled="true"
            android:exported="false" />
        <service
-            android:name=".notifications.AttachmentFileNotificationService"
+            android:name="com.kunzisoft.keepass.notifications.AttachmentFileNotificationService"
            android:enabled="true"
            android:exported="false" />
        <service
            android:name="com.kunzisoft.keepass.notifications.ClipboardEntryNotificationService"
            android:enabled="true"
            android:exported="false" />
+        <service
+            android:name="com.kunzisoft.keepass.notifications.AdvancedUnlockNotificationService"
+            android:enabled="true"
+            android:exported="false" />
        <!-- Receiver for Autofill -->
        <service
            android:name="com.kunzisoft.keepass.autofill.KeeAutofillService"
--- a/app/src/main/java/com/kunzisoft/keepass/activities/AutofillLauncherActivity.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/activities/AutofillLauncherActivity.kt
@@ -26,6 +26,7 @@ import android.content.Intent
 import android.content.IntentSender
 import android.os.Build
 import android.os.Bundle
+import android.view.inputmethod.InlineSuggestionsRequest
 import android.widget.Toast
 import androidx.annotation.RequiresApi
 import androidx.appcompat.app.AppCompatActivity
@@ -33,6 +34,7 @@ import com.kunzisoft.keepass.R
 import com.kunzisoft.keepass.activities.helpers.EntrySelectionHelper
 import com.kunzisoft.keepass.activities.helpers.SpecialMode
 import com.kunzisoft.keepass.autofill.AutofillHelper
+import com.kunzisoft.keepass.autofill.AutofillHelper.EXTRA_INLINE_SUGGESTIONS_REQUEST
 import com.kunzisoft.keepass.autofill.KeeAutofillService
 import com.kunzisoft.keepass.database.element.Database
 import com.kunzisoft.keepass.database.search.SearchHelper
@@ -40,7 +42,6 @@ import com.kunzisoft.keepass.model.RegisterInfo
 import com.kunzisoft.keepass.model.SearchInfo
 import com.kunzisoft.keepass.settings.PreferencesUtil
 import com.kunzisoft.keepass.utils.LOCK_ACTION
-import com.kunzisoft.keepass.utils.UriUtil

@RequiresApi(api = Build.VERSION_CODES.O)
 class AutofillLauncherActivity : AppCompatActivity() {
@@ -84,9 +85,9 @@ class AutofillLauncherActivity : AppCompatActivity() {

    private fun launchSelection(searchInfo: SearchInfo) {
        // Pass extra for Autofill (EXTRA_ASSIST_STRUCTURE)
-        val assistStructure = AutofillHelper.retrieveAssistStructure(intent)
+        val autofillComponent = AutofillHelper.retrieveAutofillComponent(intent)

-        if (assistStructure == null) {
+        if (autofillComponent == null) {
            setResult(Activity.RESULT_CANCELED)
            finish()
        } else if (!KeeAutofillService.autofillAllowedFor(searchInfo.applicationId,
@@ -105,21 +106,21 @@ class AutofillLauncherActivity : AppCompatActivity() {
                    searchInfo,
                    { items ->
                        // Items found
-                        AutofillHelper.buildResponse(this, items)
+                        AutofillHelper.buildResponseAndSetResult(this, items)
                        finish()
                    },
                    {
                        // Show the database UI to select the entry
                        GroupActivity.launchForAutofillResult(this,
                                readOnly,
-                                assistStructure,
+                                autofillComponent,
                                searchInfo,
                                false)
                    },
                    {
                        // If database not open
                        FileDatabaseSelectActivity.launchForAutofillResult(this,
-                                assistStructure,
+                                autofillComponent,
                                searchInfo)
                    }
            )
@@ -196,7 +197,8 @@ class AutofillLauncherActivity : AppCompatActivity() {
        private const val KEY_REGISTER_INFO = "KEY_REGISTER_INFO"

        fun getAuthIntentSenderForSelection(context: Context,
-                                            searchInfo: SearchInfo? = null): IntentSender {
+                                            searchInfo: SearchInfo? = null,
+                                            inlineSuggestionsRequest: InlineSuggestionsRequest? = null): IntentSender {
            return PendingIntent.getActivity(context, 0,
                    // Doesn't work with Parcelable (don't know why?)
                    Intent(context, AutofillLauncherActivity::class.java).apply {
@@ -205,6 +207,11 @@ class AutofillLauncherActivity : AppCompatActivity() {
                            putExtra(KEY_SEARCH_DOMAIN, it.webDomain)
                            putExtra(KEY_SEARCH_SCHEME, it.webScheme)
                        }
+                        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) {
+                            inlineSuggestionsRequest?.let {
+                                putExtra(EXTRA_INLINE_SUGGESTIONS_REQUEST, it)
+                            }
+                        }
                    },
                    PendingIntent.FLAG_CANCEL_CURRENT).intentSender
        }
--- a/app/src/main/java/com/kunzisoft/keepass/activities/EntryActivity.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/activities/EntryActivity.kt
@@ -39,7 +39,9 @@ import androidx.coordinatorlayout.widget.CoordinatorLayout
 import com.google.android.material.appbar.CollapsingToolbarLayout
 import com.kunzisoft.keepass.R
 import com.kunzisoft.keepass.activities.helpers.ReadOnlyHelper
+import com.kunzisoft.keepass.activities.helpers.SpecialMode
 import com.kunzisoft.keepass.activities.lock.LockingActivity
+import com.kunzisoft.keepass.activities.lock.resetAppTimeoutWhenViewFocusedOrChanged
 import com.kunzisoft.keepass.database.element.Attachment
 import com.kunzisoft.keepass.database.element.Database
 import com.kunzisoft.keepass.database.element.Entry
@@ -52,7 +54,9 @@ import com.kunzisoft.keepass.model.StreamDirection
 import com.kunzisoft.keepass.notifications.AttachmentFileNotificationService
 import com.kunzisoft.keepass.notifications.ClipboardEntryNotificationService
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_DELETE_ENTRY_HISTORY
+import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_RELOAD_TASK
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_RESTORE_ENTRY_HISTORY
+import com.kunzisoft.keepass.otp.OtpEntryFields
 import com.kunzisoft.keepass.settings.PreferencesUtil
 import com.kunzisoft.keepass.tasks.AttachmentFileBinderManager
 import com.kunzisoft.keepass.timeout.ClipboardHelper
@@ -133,7 +137,7 @@ class EntryActivity : LockingActivity() {
        }

        // Focus view to reinitialize timeout
-        resetAppTimeoutWhenViewFocusedOrChanged(coordinatorLayout)
+        coordinatorLayout?.resetAppTimeoutWhenViewFocusedOrChanged(this)

        // Init the clipboard helper
        clipboardHelper = ClipboardHelper(this)
@@ -150,6 +154,10 @@ class EntryActivity : LockingActivity() {
                    if (result.isSuccess)
                        finish()
                }
+                ACTION_DATABASE_RELOAD_TASK -> {
+                    // Close the current activity
+                    finish()
+                }
            }
            coordinatorLayout?.showActionError(result)
        }
@@ -198,8 +206,7 @@ class EntryActivity : LockingActivity() {
            // Refresh Menu
            invalidateOptionsMenu()

-            val entryInfo = entry.getEntryInfo(Database.getInstance())
-
+            val entryInfo = entry.getEntryInfo(mDatabase)
            // Manage entry copy to start notification if allowed
            if (mFirstLaunchOfActivity) {
                // Manage entry to launch copying notification if allowed
@@ -231,23 +238,21 @@ class EntryActivity : LockingActivity() {

    private fun fillEntryDataInContentsView(entry: Entry) {

-        val database = Database.getInstance()
-        database.startManageEntry(entry)
+        val entryInfo = entry.getEntryInfo(mDatabase)
+
        // Assign title icon
-        titleIconView?.assignDatabaseIcon(database.drawFactory, entry.icon, iconColor)
+        titleIconView?.assignDatabaseIcon(mDatabase!!.drawFactory, entryInfo.icon, iconColor)

        // Assign title text
-        val entryTitle = entry.title
+        val entryTitle = entryInfo.title
        collapsingToolbarLayout?.title = entryTitle
        toolbar?.title = entryTitle

        // Assign basic fields
-        entryContentsView?.assignUserName(entry.username) {
-            database.startManageEntry(entry)
-            clipboardHelper?.timeoutCopyToClipboard(entry.username,
+        entryContentsView?.assignUserName(entryInfo.username) {
+            clipboardHelper?.timeoutCopyToClipboard(entryInfo.username,
                    getString(R.string.copy_field,
                            getString(R.string.entry_user_name)))
-            database.stopManageEntry(entry)
        }

        val isFirstTimeAskAllowCopyPasswordAndProtectedFields =
@@ -277,11 +282,9 @@ class EntryActivity : LockingActivity() {

        val onPasswordCopyClickListener: View.OnClickListener? = if (allowCopyPasswordAndProtectedFields) {
            View.OnClickListener {
-                database.startManageEntry(entry)
-                clipboardHelper?.timeoutCopyToClipboard(entry.password,
+                clipboardHelper?.timeoutCopyToClipboard(entryInfo.password,
                        getString(R.string.copy_field,
                                getString(R.string.entry_password)))
-                database.stopManageEntry(entry)
            }
        } else {
            // If dialog not already shown
@@ -291,44 +294,46 @@ class EntryActivity : LockingActivity() {
                null
            }
        }
-        entryContentsView?.assignPassword(entry.password,
+        entryContentsView?.assignPassword(entryInfo.password,
                allowCopyPasswordAndProtectedFields,
                onPasswordCopyClickListener)

        //Assign OTP field
-        entryContentsView?.assignOtp(entry.getOtpElement(), entryProgress,
-                View.OnClickListener {
-                    entry.getOtpElement()?.let { otpElement ->
-                        clipboardHelper?.timeoutCopyToClipboard(
-                                otpElement.token,
-                                getString(R.string.copy_field, getString(R.string.entry_otp))
-                        )
-                    }
-        })
+        entry.getOtpElement()?.let { otpElement ->
+            entryContentsView?.assignOtp(otpElement, entryProgress) {
+                clipboardHelper?.timeoutCopyToClipboard(
+                        otpElement.token,
+                        getString(R.string.copy_field, getString(R.string.entry_otp))
+                )
+            }
+        }

-        entryContentsView?.assignURL(entry.url)
-        entryContentsView?.assignNotes(entry.notes)
+        entryContentsView?.assignURL(entryInfo.url)
+        entryContentsView?.assignNotes(entryInfo.notes)

        // Assign custom fields
        if (mDatabase?.allowEntryCustomFields() == true) {
            entryContentsView?.clearExtraFields()
-            entry.getExtraFields().forEach { field ->
+            entryInfo.customFields.forEach { field ->
                val label = field.name
-                val value = field.protectedValue
-                val allowCopyProtectedField = !value.isProtected || allowCopyPasswordAndProtectedFields
-                if (allowCopyProtectedField) {
-                    entryContentsView?.addExtraField(label, value, allowCopyProtectedField) {
-                        clipboardHelper?.timeoutCopyToClipboard(
-                                value.toString(),
-                                getString(R.string.copy_field, label)
-                        )
-                    }
-                } else {
-                    // If dialog not already shown
-                    if (isFirstTimeAskAllowCopyPasswordAndProtectedFields) {
-                        entryContentsView?.addExtraField(label, value, allowCopyProtectedField, showWarningClipboardDialogOnClickListener)
+                // OTP field is already managed in dedicated view
+                if (label != OtpEntryFields.OTP_TOKEN_FIELD) {
+                    val value = field.protectedValue
+                    val allowCopyProtectedField = !value.isProtected || allowCopyPasswordAndProtectedFields
+                    if (allowCopyProtectedField) {
+                        entryContentsView?.addExtraField(label, value, allowCopyProtectedField) {
+                            clipboardHelper?.timeoutCopyToClipboard(
+                                    value.toString(),
+                                    getString(R.string.copy_field, label)
+                            )
+                        }
                    } else {
-                        entryContentsView?.addExtraField(label, value, allowCopyProtectedField, null)
+                        // If dialog not already shown
+                        if (isFirstTimeAskAllowCopyPasswordAndProtectedFields) {
+                            entryContentsView?.addExtraField(label, value, allowCopyProtectedField, showWarningClipboardDialogOnClickListener)
+                        } else {
+                            entryContentsView?.addExtraField(label, value, allowCopyProtectedField, null)
+                        }
                    }
                }
            }
@@ -336,24 +341,16 @@ class EntryActivity : LockingActivity() {
        entryContentsView?.setHiddenProtectedValue(!mShowPassword)

        // Manage attachments
-        mDatabase?.binaryPool?.let { binaryPool ->
-            entryContentsView?.assignAttachments(entry.getAttachments(binaryPool).toSet(), StreamDirection.DOWNLOAD) { attachmentItem ->
-                createDocument(this, attachmentItem.name)?.let { requestCode ->
-                    mAttachmentsToDownload[requestCode] = attachmentItem
-                }
+        entryContentsView?.assignAttachments(entryInfo.attachments.toSet(), StreamDirection.DOWNLOAD) { attachmentItem ->
+            createDocument(this, attachmentItem.name)?.let { requestCode ->
+                mAttachmentsToDownload[requestCode] = attachmentItem
            }
        }

        // Assign dates
-        entryContentsView?.assignCreationDate(entry.creationTime)
-        entryContentsView?.assignModificationDate(entry.lastModificationTime)
-        entryContentsView?.assignLastAccessDate(entry.lastAccessTime)
-        entryContentsView?.setExpires(entry.isCurrentlyExpires)
-        if (entry.expires) {
-            entryContentsView?.assignExpiresDate(entry.expiryTime)
-        } else {
-            entryContentsView?.assignExpiresDate(getString(R.string.never))
-        }
+        entryContentsView?.assignCreationDate(entryInfo.creationTime)
+        entryContentsView?.assignModificationDate(entryInfo.modificationTime)
+        entryContentsView?.setExpires(entryInfo.expires, entryInfo.expiryTime)

        // Manage history
        historyView?.visibility = if (mIsHistory) View.VISIBLE else View.GONE
@@ -368,8 +365,6 @@ class EntryActivity : LockingActivity() {

        // Assign special data
        entryContentsView?.assignUUID(entry.nodeId.id)
-
-        database.stopManageEntry(entry)
    }

    override fun onActivityResult(requestCode: Int, resultCode: Int, data: Intent?) {
@@ -407,6 +402,9 @@ class EntryActivity : LockingActivity() {
            menu.findItem(R.id.menu_save_database)?.isVisible = false
            menu.findItem(R.id.menu_edit)?.isVisible = false
        }
+        if (mSpecialMode != SpecialMode.DEFAULT) {
+            menu.findItem(R.id.menu_reload_database)?.isVisible = false
+        }

        val gotoUrl = menu.findItem(R.id.menu_goto_url)
        gotoUrl?.apply {
@@ -500,6 +498,9 @@ class EntryActivity : LockingActivity() {
            R.id.menu_save_database -> {
                mProgressDatabaseTaskProvider?.startDatabaseSave(!mReadOnly)
            }
+            R.id.menu_reload_database -> {
+                mProgressDatabaseTaskProvider?.startDatabaseReload(false)
+            }
            android.R.id.home -> finish() // close this activity and return to preview activity (if there is any)
        }
        return super.onOptionsItemSelected(item)
--- a/app/src/main/java/com/kunzisoft/keepass/activities/EntryEditActivity.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/activities/EntryEditActivity.kt
@@ -21,7 +21,6 @@ package com.kunzisoft.keepass.activities
 import android.app.Activity
 import android.app.DatePickerDialog
 import android.app.TimePickerDialog
-import android.app.assist.AssistStructure
 import android.content.Context
 import android.content.Intent
 import android.net.Uri
@@ -48,6 +47,8 @@ import com.kunzisoft.keepass.activities.dialogs.FileTooBigDialogFragment.Compani
 import com.kunzisoft.keepass.activities.helpers.EntrySelectionHelper
 import com.kunzisoft.keepass.activities.helpers.SelectFileHelper
 import com.kunzisoft.keepass.activities.lock.LockingActivity
+import com.kunzisoft.keepass.activities.lock.resetAppTimeoutWhenViewFocusedOrChanged
+import com.kunzisoft.keepass.autofill.AutofillComponent
 import com.kunzisoft.keepass.autofill.AutofillHelper
 import com.kunzisoft.keepass.database.element.*
 import com.kunzisoft.keepass.database.element.icon.IconImage
@@ -60,6 +61,7 @@ import com.kunzisoft.keepass.notifications.AttachmentFileNotificationService
 import com.kunzisoft.keepass.notifications.ClipboardEntryNotificationService
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_CREATE_ENTRY_TASK
+import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_RELOAD_TASK
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_UPDATE_ENTRY_TASK
 import com.kunzisoft.keepass.notifications.KeyboardEntryNotificationService
 import com.kunzisoft.keepass.otp.OtpElement
@@ -134,7 +136,7 @@ class EntryEditActivity : LockingActivity(),
        }

        // Focus view to reinitialize timeout
-        resetAppTimeoutWhenViewFocusedOrChanged(coordinatorLayout)
+        coordinatorLayout?.resetAppTimeoutWhenViewFocusedOrChanged(this)

        stopService(Intent(this, ClipboardEntryNotificationService::class.java))
        stopService(Intent(this, KeyboardEntryNotificationService::class.java))
@@ -334,6 +336,10 @@ class EntryEditActivity : LockingActivity(),
                        Log.e(TAG, "Unable to retrieve entry after database action", e)
                    }
                }
+                ACTION_DATABASE_RELOAD_TASK -> {
+                    // Close the current activity
+                    finish()
+                }
            }
            coordinatorLayout?.showActionError(result)
        }
@@ -360,7 +366,7 @@ class EntryEditActivity : LockingActivity(),
        // Build Autofill response with the entry selected
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
            mDatabase?.let { database ->
-                AutofillHelper.buildResponse(this@EntryEditActivity,
+                AutofillHelper.buildResponseAndSetResult(this@EntryEditActivity,
                        entry.getEntryInfo(database))
            }
        }
@@ -452,14 +458,39 @@ class EntryEditActivity : LockingActivity(),
        EntryCustomFieldDialogFragment.getInstance(field).show(supportFragmentManager, "customFieldDialog")
    }

+    private fun verifyNameField(field: Field,
+                                actionIfNewName: () -> Unit) {
+        var extraFieldAlreadyContainsName = false
+        entryEditFragment?.getExtraFields()?.forEach {
+            if (it.name.equals(field.name, true))
+                extraFieldAlreadyContainsName = true
+        }
+
+        if (!extraFieldAlreadyContainsName
+                && Entry.newExtraFieldNameAllowed(field)) {
+            actionIfNewName.invoke()
+        } else {
+            Log.e(TAG, "Unable to create the new field, field name already exists")
+            coordinatorLayout?.let {
+                Snackbar.make(it, R.string.error_field_name_already_exists, Snackbar.LENGTH_LONG).asError().show()
+            }
+        }
+    }
+
    override fun onNewCustomFieldApproved(newField: Field) {
-        entryEditFragment?.apply {
-            putExtraField(newField)
+        verifyNameField(newField) {
+            entryEditFragment?.putExtraField(newField)
        }
    }

    override fun onEditCustomFieldApproved(oldField: Field, newField: Field) {
-        entryEditFragment?.replaceExtraField(oldField, newField)
+        if (oldField.name.equals(newField.name, true)) {
+            entryEditFragment?.replaceExtraField(oldField, newField)
+        } else {
+            verifyNameField(newField) {
+                entryEditFragment?.replaceExtraField(oldField, newField)
+            }
+        }
    }

    override fun onDeleteCustomFieldApproved(oldField: Field) {
@@ -588,13 +619,7 @@ class EntryEditActivity : LockingActivity(),

    override fun onCreateOptionsMenu(menu: Menu): Boolean {
        super.onCreateOptionsMenu(menu)
-
-        val inflater = menuInflater
-        inflater.inflate(R.menu.database, menu)
-        // Save database not needed here
-        menu.findItem(R.id.menu_save_database)?.isVisible = false
-        MenuUtil.contributionMenuInflater(inflater, menu)
-
+        MenuUtil.contributionMenuInflater(menuInflater, menu)
        return true
    }

@@ -651,9 +676,6 @@ class EntryEditActivity : LockingActivity(),

    override fun onOptionsItemSelected(item: MenuItem): Boolean {
        when (item.itemId) {
-            R.id.menu_save_database -> {
-                mProgressDatabaseTaskProvider?.startDatabaseSave(!mReadOnly)
-            }
            R.id.menu_contribute -> {
                MenuUtil.onContributionItemSelected(this)
                return true
@@ -887,7 +909,7 @@ class EntryEditActivity : LockingActivity(),
         */
        @RequiresApi(api = Build.VERSION_CODES.O)
        fun launchForAutofillResult(activity: Activity,
-                                    assistStructure: AssistStructure,
+                                    autofillComponent: AutofillComponent,
                                    group: Group,
                                    searchInfo: SearchInfo? = null) {
            if (TimeoutHelper.checkTimeAndLockIfTimeout(activity)) {
@@ -895,7 +917,7 @@ class EntryEditActivity : LockingActivity(),
                intent.putExtra(KEY_PARENT, group.nodeId)
                AutofillHelper.startActivityForAutofillResult(activity,
                        intent,
-                        assistStructure,
+                        autofillComponent,
                        searchInfo)
            }
        }
--- a/app/src/main/java/com/kunzisoft/keepass/activities/EntryEditFragment.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/activities/EntryEditFragment.kt
@@ -37,6 +37,7 @@ import com.google.android.material.textfield.TextInputEditText
 import com.google.android.material.textfield.TextInputLayout
 import com.kunzisoft.keepass.R
 import com.kunzisoft.keepass.activities.dialogs.GeneratePasswordDialogFragment
+import com.kunzisoft.keepass.activities.lock.resetAppTimeoutWhenViewFocusedOrChanged
 import com.kunzisoft.keepass.activities.stylish.StylishFragment
 import com.kunzisoft.keepass.adapters.EntryAttachmentsItemsAdapter
 import com.kunzisoft.keepass.database.element.Attachment
@@ -148,6 +149,8 @@ class EntryEditFragment: StylishFragment() {
        iconColor = taIconColor?.getColor(0, Color.WHITE) ?: Color.WHITE
        taIconColor?.recycle()

+        rootView?.resetAppTimeoutWhenViewFocusedOrChanged(requireContext())
+
        // Retrieve the new entry after an orientation change
        if (arguments?.containsKey(KEY_TEMP_ENTRY_INFO) == true)
            mEntryInfo = arguments?.getParcelable(KEY_TEMP_ENTRY_INFO) ?: mEntryInfo
--- a/app/src/main/java/com/kunzisoft/keepass/activities/EntrySelectionLauncherActivity.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/activities/EntrySelectionLauncherActivity.kt
@@ -23,15 +23,17 @@ import android.app.Activity
 import android.content.Intent
 import android.net.Uri
 import android.os.Bundle
+import android.widget.Toast
 import androidx.appcompat.app.AppCompatActivity
+import com.kunzisoft.keepass.R
 import com.kunzisoft.keepass.activities.helpers.EntrySelectionHelper
 import com.kunzisoft.keepass.database.element.Database
 import com.kunzisoft.keepass.database.search.SearchHelper
 import com.kunzisoft.keepass.magikeyboard.MagikIME
 import com.kunzisoft.keepass.model.EntryInfo
 import com.kunzisoft.keepass.model.SearchInfo
+import com.kunzisoft.keepass.otp.OtpEntryFields
 import com.kunzisoft.keepass.settings.PreferencesUtil
-import com.kunzisoft.keepass.utils.UriUtil

 /**
 * Activity to search or select entry in database,
@@ -42,22 +44,35 @@ class EntrySelectionLauncherActivity : AppCompatActivity() {
    override fun onCreate(savedInstanceState: Bundle?) {

        var sharedWebDomain: String? = null
+        var otpString: String? = null

        when (intent?.action) {
            Intent.ACTION_SEND -> {
                if ("text/plain" == intent.type) {
-                    // Retrieve web domain
-                    intent.getStringExtra(Intent.EXTRA_TEXT)?.let {
-                        sharedWebDomain = Uri.parse(it).host
+                    // Retrieve web domain or OTP
+                    intent.getStringExtra(Intent.EXTRA_TEXT)?.let { extra ->
+                        if (OtpEntryFields.isOTPUri(extra))
+                            otpString = extra
+                        else
+                            sharedWebDomain = Uri.parse(extra).host
                    }
                }
            }
+            Intent.ACTION_VIEW -> {
+                // Retrieve OTP
+                intent.dataString?.let { extra ->
+                    if (OtpEntryFields.isOTPUri(extra))
+                        otpString = extra
+                }
+            }
            else -> {}
        }

-        // Build search param
+
+        // Build domain search param
        val searchInfo = SearchInfo().apply {
-            webDomain = sharedWebDomain
+            this.webDomain = sharedWebDomain
+            this.otpString = otpString
        }
        SearchInfo.getConcreteWebDomain(this, searchInfo.webDomain) { concreteWebDomain ->
            searchInfo.webDomain = concreteWebDomain
@@ -68,62 +83,97 @@ class EntrySelectionLauncherActivity : AppCompatActivity() {
    }

    private fun launch(searchInfo: SearchInfo) {
-        // Setting to integrate Magikeyboard
-        val searchShareForMagikeyboard = PreferencesUtil.isKeyboardSearchShareEnable(this)

-        // If database is open
-        val database = Database.getInstance()
-        val readOnly = database.isReadOnly
-        SearchHelper.checkAutoSearchInfo(this,
-                database,
-                searchInfo,
-                { items ->
-                    // Items found
-                    if (searchShareForMagikeyboard) {
-                        if (items.size == 1) {
-                            // Automatically populate keyboard
-                            val entryPopulate = items[0]
-                            populateKeyboardAndMoveAppToBackground(this,
-                                    entryPopulate,
-                                    intent)
+        if (!searchInfo.containsOnlyNullValues()) {
+            // Setting to integrate Magikeyboard
+            val searchShareForMagikeyboard = PreferencesUtil.isKeyboardSearchShareEnable(this)
+
+            // If database is open
+            val database = Database.getInstance()
+            val readOnly = database.isReadOnly
+            SearchHelper.checkAutoSearchInfo(this,
+                    database,
+                    searchInfo,
+                    { items ->
+                        // Items found
+                        if (searchInfo.otpString != null) {
+                            if (!readOnly) {
+                                GroupActivity.launchForSaveResult(this,
+                                        searchInfo,
+                                        false)
+                            } else {
+                                Toast.makeText(applicationContext,
+                                        R.string.autofill_read_only_save,
+                                        Toast.LENGTH_LONG)
+                                        .show()
+                            }
+                        } else if (searchShareForMagikeyboard) {
+                            if (items.size == 1) {
+                                // Automatically populate keyboard
+                                val entryPopulate = items[0]
+                                populateKeyboardAndMoveAppToBackground(this,
+                                        entryPopulate,
+                                        intent)
+                            } else {
+                                // Select the one we want
+                                GroupActivity.launchForKeyboardSelectionResult(this,
+                                        readOnly,
+                                        searchInfo,
+                                        true)
+                            }
                        } else {
-                            // Select the one we want
-                            GroupActivity.launchForKeyboardSelectionResult(this,
+                            GroupActivity.launchForSearchResult(this,
                                    readOnly,
                                    searchInfo,
                                    true)
                        }
-                    } else {
-                        GroupActivity.launchForSearchResult(this,
-                                readOnly,
-                                searchInfo,
-                                true)
+                    },
+                    {
+                        // Show the database UI to select the entry
+                        if (searchInfo.otpString != null) {
+                            if (!readOnly) {
+                                GroupActivity.launchForSaveResult(this,
+                                        searchInfo,
+                                        false)
+                            } else {
+                                Toast.makeText(applicationContext,
+                                        R.string.autofill_read_only_save,
+                                        Toast.LENGTH_LONG)
+                                        .show()
+                            }
+                        } else if (readOnly || searchShareForMagikeyboard) {
+                            GroupActivity.launchForKeyboardSelectionResult(this,
+                                    readOnly,
+                                    searchInfo,
+                                    false)
+                        } else {
+                            GroupActivity.launchForSaveResult(this,
+                                    searchInfo,
+                                    false)
+                        }
+                    },
+                    {
+                        // If database not open
+                        if (searchInfo.otpString != null) {
+                            if (!readOnly) {
+                                FileDatabaseSelectActivity.launchForSaveResult(this,
+                                        searchInfo)
+                            } else {
+                                Toast.makeText(applicationContext,
+                                        R.string.autofill_read_only_save,
+                                        Toast.LENGTH_LONG)
+                                        .show()
+                            }
+                        } else if (searchShareForMagikeyboard) {
+                            FileDatabaseSelectActivity.launchForKeyboardSelectionResult(this,
+                                    searchInfo)
+                        } else {
+                            FileDatabaseSelectActivity.launchForSearchResult(this,
+                                    searchInfo)
+                        }
                    }
-                },
-                {
-                    // Show the database UI to select the entry
-                    if (readOnly || searchShareForMagikeyboard) {
-                        GroupActivity.launchForKeyboardSelectionResult(this,
-                                readOnly,
-                                searchInfo,
-                                false)
-                    } else {
-                        GroupActivity.launchForSaveResult(this,
-                                searchInfo,
-                                false)
-                    }
-                },
-                {
-                    // If database not open
-                    if (searchShareForMagikeyboard) {
-                        FileDatabaseSelectActivity.launchForKeyboardSelectionResult(this,
-                                searchInfo)
-                    } else {
-                        FileDatabaseSelectActivity.launchForSearchResult(this,
-                                searchInfo)
-                    }
-                }
-        )
+            )
+        }
        finish()
    }
 }
--- a/app/src/main/java/com/kunzisoft/keepass/activities/FileDatabaseSelectActivity.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/activities/FileDatabaseSelectActivity.kt
@@ -20,7 +20,6 @@
 package com.kunzisoft.keepass.activities

 import android.app.Activity
-import android.app.assist.AssistStructure
 import android.content.Context
 import android.content.Intent
 import android.net.Uri
@@ -36,7 +35,6 @@ import androidx.activity.viewModels
 import androidx.annotation.RequiresApi
 import androidx.appcompat.widget.Toolbar
 import androidx.coordinatorlayout.widget.CoordinatorLayout
-import androidx.lifecycle.Observer
 import androidx.recyclerview.widget.LinearLayoutManager
 import androidx.recyclerview.widget.RecyclerView
 import androidx.recyclerview.widget.SimpleItemAnimator
@@ -49,6 +47,7 @@ import com.kunzisoft.keepass.activities.helpers.SpecialMode
 import com.kunzisoft.keepass.activities.selection.SpecialModeActivity
 import com.kunzisoft.keepass.adapters.FileDatabaseHistoryAdapter
 import com.kunzisoft.keepass.app.database.FileDatabaseHistoryAction
+import com.kunzisoft.keepass.autofill.AutofillComponent
 import com.kunzisoft.keepass.autofill.AutofillHelper
 import com.kunzisoft.keepass.database.action.ProgressDatabaseTaskProvider
 import com.kunzisoft.keepass.database.element.Database
@@ -162,7 +161,7 @@ class FileDatabaseSelectActivity : SpecialModeActivity(),
        }

        // Observe list of databases
-        databaseFilesViewModel.databaseFilesLoaded.observe(this, Observer { databaseFiles ->
+        databaseFilesViewModel.databaseFilesLoaded.observe(this) { databaseFiles ->
            when (databaseFiles.databaseFileAction) {
                DatabaseFilesViewModel.DatabaseFileAction.NONE -> {
                    mAdapterDatabaseHistory?.replaceAllDatabaseFileHistoryList(databaseFiles.databaseFileList)
@@ -186,13 +185,13 @@ class FileDatabaseSelectActivity : SpecialModeActivity(),
                }
            }
            databaseFilesViewModel.consumeAction()
-        })
+        }

        // Observe default database
-        databaseFilesViewModel.defaultDatabase.observe(this, Observer {
+        databaseFilesViewModel.defaultDatabase.observe(this) {
            // Retrieve settings for default database
            mAdapterDatabaseHistory?.setDefaultDatabase(it)
-        })
+        }

        // Attach the dialog thread to this activity
        mProgressDatabaseTaskProvider = ProgressDatabaseTaskProvider(this).apply {
@@ -237,10 +236,10 @@ class FileDatabaseSelectActivity : SpecialModeActivity(),

    private fun fileNoFoundAction(e: FileNotFoundException) {
        val error = getString(R.string.file_not_found_content)
+        Log.e(TAG, error, e)
        coordinatorLayout?.let {
            Snackbar.make(it, error, Snackbar.LENGTH_LONG).asError().show()
        }
-        Log.e(TAG, error, e)
    }

    private fun launchPasswordActivity(databaseUri: Uri, keyFile: Uri?) {
@@ -435,8 +434,8 @@ class FileDatabaseSelectActivity : SpecialModeActivity(),
        when (item.itemId) {
            android.R.id.home -> UriUtil.gotoUrl(this, R.string.file_manager_explanation_url)
        }
-
-        return MenuUtil.onDefaultMenuOptionsItemSelected(this, item) && super.onOptionsItemSelected(item)
+        MenuUtil.onDefaultMenuOptionsItemSelected(this, item)
+        return super.onOptionsItemSelected(item)
    }

    companion object {
@@ -468,6 +467,19 @@ class FileDatabaseSelectActivity : SpecialModeActivity(),
                    searchInfo)
        }

+        /*
+         * -------------------------
+         * 		Save Launch
+         * -------------------------
+         */
+
+        fun launchForSaveResult(context: Context,
+                                searchInfo: SearchInfo) {
+            EntrySelectionHelper.startActivityForSaveModeResult(context,
+                    Intent(context, FileDatabaseSelectActivity::class.java),
+                    searchInfo)
+        }
+
        /*
         * -------------------------
         * 		Keyboard Launch
@@ -489,11 +501,11 @@ class FileDatabaseSelectActivity : SpecialModeActivity(),

        @RequiresApi(api = Build.VERSION_CODES.O)
        fun launchForAutofillResult(activity: Activity,
-                                    assistStructure: AssistStructure,
+                                    autofillComponent: AutofillComponent,
                                    searchInfo: SearchInfo? = null) {
            AutofillHelper.startActivityForAutofillResult(activity,
                    Intent(activity, FileDatabaseSelectActivity::class.java),
-                    assistStructure,
+                    autofillComponent,
                    searchInfo)
        }

--- a/app/src/main/java/com/kunzisoft/keepass/activities/GroupActivity.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/activities/GroupActivity.kt
@@ -20,7 +20,6 @@ package com.kunzisoft.keepass.activities

 import android.app.Activity
 import android.app.SearchManager
-import android.app.assist.AssistStructure
 import android.content.ComponentName
 import android.content.Context
 import android.content.Intent
@@ -50,7 +49,9 @@ import com.kunzisoft.keepass.activities.helpers.EntrySelectionHelper
 import com.kunzisoft.keepass.activities.helpers.ReadOnlyHelper
 import com.kunzisoft.keepass.activities.helpers.SpecialMode
 import com.kunzisoft.keepass.activities.lock.LockingActivity
+import com.kunzisoft.keepass.activities.lock.resetAppTimeoutWhenViewFocusedOrChanged
 import com.kunzisoft.keepass.adapters.SearchEntryCursorAdapter
+import com.kunzisoft.keepass.autofill.AutofillComponent
 import com.kunzisoft.keepass.autofill.AutofillHelper
 import com.kunzisoft.keepass.database.element.Database
 import com.kunzisoft.keepass.database.element.Entry
@@ -69,6 +70,7 @@ import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Compa
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_CREATE_GROUP_TASK
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_DELETE_NODES_TASK
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_MOVE_NODES_TASK
+import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_RELOAD_TASK
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_UPDATE_ENTRY_TASK
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_UPDATE_GROUP_TASK
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.NEW_NODES_KEY
@@ -153,7 +155,7 @@ class GroupActivity : LockingActivity(),
        taTextColor.recycle()

        // Focus view to reinitialize timeout
-        resetAppTimeoutWhenViewFocusedOrChanged(rootContainerView)
+        rootContainerView?.resetAppTimeoutWhenViewFocusedOrChanged(this)

        // Retrieve elements after an orientation change
        if (savedInstanceState != null) {
@@ -227,10 +229,10 @@ class GroupActivity : LockingActivity(),
                                    currentGroup, searchInfo)
                            onLaunchActivitySpecialMode()
                        },
-                        { searchInfo, assistStructure ->
+                        { searchInfo, autofillComponent ->
                            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
                                EntryEditActivity.launchForAutofillResult(this@GroupActivity,
-                                        assistStructure,
+                                        autofillComponent,
                                        currentGroup, searchInfo)
                                onLaunchActivitySpecialMode()
                            } else {
@@ -316,7 +318,12 @@ class GroupActivity : LockingActivity(),
                        if (result.isSuccess) {

                            // Rebuild all the list to avoid bug when delete node from sort
-                            mListNodesFragment?.rebuildList()
+                            try {
+                                mListNodesFragment?.rebuildList()
+                            } catch (e: Exception) {
+                                Log.e(TAG, "Unable to rebuild the list after deletion")
+                                e.printStackTrace()
+                            }

                            // Add trash in views list if it doesn't exists
                            if (database.isRecycleBinEnabled) {
@@ -336,6 +343,12 @@ class GroupActivity : LockingActivity(),
                            }
                        }
                    }
+                    ACTION_DATABASE_RELOAD_TASK -> {
+                        // Reload the current activity
+                        startActivity(intent)
+                        finish()
+                        overridePendingTransition(android.R.anim.fade_in, android.R.anim.fade_out)
+                    }
                }

                coordinatorLayout?.showActionError(result)
@@ -591,13 +604,29 @@ class GroupActivity : LockingActivity(),
                                finish()
                        },
                        { searchInfo ->
-                            if (!mReadOnly
-                                    && searchInfo != null
-                                    && PreferencesUtil.isKeyboardSaveSearchInfoEnable(this@GroupActivity)) {
-                                updateEntryWithSearchInfo(entryVersioned, searchInfo)
-                            } else {
-                                entrySelectedForKeyboardSelection(entryVersioned)
-                            }
+                            // Recheck search, only to fix #783 because workflow allows to open multiple search elements
+                            SearchHelper.checkAutoSearchInfo(this,
+                                    mDatabase!!,
+                                    searchInfo,
+                                    { _ ->
+                                        // Item in search, don't save
+                                        entrySelectedForKeyboardSelection(entryVersioned)
+                                    },
+                                    {
+                                        // Item not found, save it if required
+                                        if (!mReadOnly
+                                                && searchInfo != null
+                                                && PreferencesUtil.isKeyboardSaveSearchInfoEnable(this@GroupActivity)) {
+                                            updateEntryWithSearchInfo(entryVersioned, searchInfo)
+                                        } else {
+                                            entrySelectedForKeyboardSelection(entryVersioned)
+                                        }
+                                    },
+                                    {
+                                        // Normally not append
+                                        finish()
+                                    }
+                            )
                        },
                        { searchInfo, _ ->
                            if (!mReadOnly
@@ -643,7 +672,7 @@ class GroupActivity : LockingActivity(),
        // Build response with the entry selected
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O && mDatabase != null) {
            mDatabase?.let { database ->
-                AutofillHelper.buildResponse(this,
+                AutofillHelper.buildResponseAndSetResult(this,
                        entry.getEntryInfo(database))
            }
        }
@@ -660,7 +689,7 @@ class GroupActivity : LockingActivity(),

    private fun updateEntryWithSearchInfo(entry: Entry, searchInfo: SearchInfo) {
        val newEntry = Entry(entry)
-        newEntry.setEntryInfo(mDatabase, newEntry.getEntryInfo(mDatabase).apply {
+        newEntry.setEntryInfo(mDatabase, newEntry.getEntryInfo(mDatabase, true).apply {
            saveSearchInfo(mDatabase, searchInfo)
        })
        // In selection mode, it's forced read-only, so update not allowed
@@ -856,6 +885,8 @@ class GroupActivity : LockingActivity(),
        }
        if (mSpecialMode == SpecialMode.DEFAULT) {
            MenuUtil.defaultMenuInflater(inflater, menu)
+        } else {
+            menu.findItem(R.id.menu_reload_database)?.isVisible = false
        }

        // Menu for recycle bin
@@ -981,6 +1012,10 @@ class GroupActivity : LockingActivity(),
                mProgressDatabaseTaskProvider?.startDatabaseSave(!mReadOnly)
                return true
            }
+            R.id.menu_reload_database -> {
+                mProgressDatabaseTaskProvider?.startDatabaseReload(false)
+                return true
+            }
            R.id.menu_empty_recycle_bin -> {
                mCurrentGroup?.getChildren()?.let { listChildren ->
                    // Automatically delete all elements
@@ -1108,7 +1143,16 @@ class GroupActivity : LockingActivity(),
    private fun rebuildListNodes() {
        mListNodesFragment = supportFragmentManager.findFragmentByTag(LIST_NODES_FRAGMENT_TAG) as ListNodesFragment?
        // to refresh fragment
-        mListNodesFragment?.rebuildList()
+        try {
+            mListNodesFragment?.rebuildList()
+        } catch (e: Exception) {
+            e.printStackTrace()
+            coordinatorLayout?.let { coordinatorLayout ->
+                Snackbar.make(coordinatorLayout,
+                        R.string.error_rebuild_list,
+                        Snackbar.LENGTH_LONG).asError().show()
+            }
+        }
        mCurrentGroup = mListNodesFragment?.mainGroup
        // Remove search in intent
        deletePreviousSearchGroup()
@@ -1279,14 +1323,14 @@ class GroupActivity : LockingActivity(),
        @RequiresApi(api = Build.VERSION_CODES.O)
        fun launchForAutofillResult(activity: Activity,
                                    readOnly: Boolean,
-                                    assistStructure: AssistStructure,
+                                    autofillComponent: AutofillComponent,
                                    searchInfo: SearchInfo? = null,
                                    autoSearch: Boolean = false) {
            checkTimeAndBuildIntent(activity, null, readOnly) { intent ->
                intent.putExtra(AUTO_SEARCH_KEY, autoSearch)
                AutofillHelper.startActivityForAutofillResult(activity,
                        intent,
-                        assistStructure,
+                        autofillComponent,
                        searchInfo)
            }
        }
@@ -1354,8 +1398,20 @@ class GroupActivity : LockingActivity(),
                                }
                        )
                    },
-                    {
-                        // Nothing with Save Info, only pass by search first
+                    { searchInfo ->
+                        // Save info used with OTP
+                        if (!readOnly) {
+                            GroupActivity.launchForSaveResult(activity,
+                                    searchInfo,
+                                    false)
+                            onLaunchActivitySpecialMode()
+                        }  else {
+                            Toast.makeText(activity.applicationContext,
+                                    R.string.autofill_read_only_save,
+                                    Toast.LENGTH_LONG)
+                                    .show()
+                            onCancelSpecialMode()
+                        }
                    },
                    { searchInfo ->
                        SearchHelper.checkAutoSearchInfo(activity,
@@ -1391,21 +1447,21 @@ class GroupActivity : LockingActivity(),
                                }
                        )
                    },
-                    { searchInfo, assistStructure ->
+                    { searchInfo, autofillComponent ->
                        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
                            SearchHelper.checkAutoSearchInfo(activity,
                                    Database.getInstance(),
                                    searchInfo,
                                    { items ->
                                        // Response is build
-                                        AutofillHelper.buildResponse(activity, items)
+                                        AutofillHelper.buildResponseAndSetResult(activity, items)
                                        onValidateSpecialMode()
                                    },
                                    {
                                        // Here no search info found, disable auto search
                                        GroupActivity.launchForAutofillResult(activity,
                                                readOnly,
-                                                assistStructure,
+                                                autofillComponent,
                                                searchInfo,
                                                false)
                                        onLaunchActivitySpecialMode()
--- a/app/src/main/java/com/kunzisoft/keepass/activities/ListNodesFragment.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/activities/ListNodesFragment.kt
@@ -22,30 +22,24 @@ package com.kunzisoft.keepass.activities
 import android.content.Context
 import android.content.Intent
 import android.os.Bundle
+import android.util.Log
+import android.view.*
+import androidx.appcompat.view.ActionMode
 import androidx.recyclerview.widget.LinearLayoutManager
 import androidx.recyclerview.widget.RecyclerView
-import android.util.Log
-import android.view.LayoutInflater
-import android.view.Menu
-import android.view.MenuInflater
-import android.view.MenuItem
-import android.view.View
-import android.view.ViewGroup
-import androidx.appcompat.view.ActionMode
-
 import com.kunzisoft.keepass.R
-import com.kunzisoft.keepass.adapters.NodeAdapter
-import com.kunzisoft.keepass.database.element.SortNodeEnum
-import com.kunzisoft.keepass.database.element.Group
-import com.kunzisoft.keepass.database.element.node.Node
 import com.kunzisoft.keepass.activities.dialogs.SortDialogFragment
 import com.kunzisoft.keepass.activities.helpers.EntrySelectionHelper
-import com.kunzisoft.keepass.settings.PreferencesUtil
-import com.kunzisoft.keepass.activities.stylish.StylishFragment
 import com.kunzisoft.keepass.activities.helpers.ReadOnlyHelper
 import com.kunzisoft.keepass.activities.helpers.SpecialMode
+import com.kunzisoft.keepass.activities.stylish.StylishFragment
+import com.kunzisoft.keepass.adapters.NodeAdapter
 import com.kunzisoft.keepass.database.element.Database
+import com.kunzisoft.keepass.database.element.Group
+import com.kunzisoft.keepass.database.element.SortNodeEnum
+import com.kunzisoft.keepass.database.element.node.Node
 import com.kunzisoft.keepass.database.element.node.Type
+import com.kunzisoft.keepass.settings.PreferencesUtil
 import java.util.*

 class ListNodesFragment : StylishFragment(), SortDialogFragment.SortSelectionListener {
@@ -197,7 +191,12 @@ class ListNodesFragment : StylishFragment(), SortDialogFragment.SortSelectionLis
        }

        // Refresh data
-        rebuildList()
+        try {
+            rebuildList()
+        } catch (e: Exception) {
+            Log.e(TAG, "Unable to rebuild the list during resume")
+            e.printStackTrace()
+        }

        if (isASearchResult && mAdapter!= null && mAdapter!!.isEmpty) {
            // To show the " no search entry found "
@@ -209,10 +208,12 @@ class ListNodesFragment : StylishFragment(), SortDialogFragment.SortSelectionLis
        }
    }

+    @Throws(IllegalArgumentException::class)
    fun rebuildList() {
        // Add elements to the list
        mainGroup?.let { mainGroup ->
            mAdapter?.apply {
+                // Thrown an exception when sort cannot be performed
                rebuildList(mainGroup)
                // To visually change the elements
                if (PreferencesUtil.APPEARANCE_CHANGED) {
@@ -231,8 +232,13 @@ class ListNodesFragment : StylishFragment(), SortDialogFragment.SortSelectionLis
        }

        // Tell the adapter to refresh it's list
-        mAdapter?.notifyChangeSort(sortNodeEnum, sortNodeParameters)
-        rebuildList()
+        try {
+            mAdapter?.notifyChangeSort(sortNodeEnum, sortNodeParameters)
+            rebuildList()
+        } catch (e:Exception) {
+            Log.e(TAG, "Unable to rebuild the list with the sort")
+            e.printStackTrace()
+        }
    }

    override fun onCreateOptionsMenu(menu: Menu, inflater: MenuInflater) {
--- a/app/src/main/java/com/kunzisoft/keepass/activities/PasswordActivity.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/activities/PasswordActivity.kt
@@ -20,7 +20,6 @@
 package com.kunzisoft.keepass.activities

 import android.app.Activity
-import android.app.assist.AssistStructure
 import android.content.Intent
 import android.content.pm.PackageManager
 import android.net.Uri
@@ -37,9 +36,8 @@ import android.widget.*
 import androidx.activity.viewModels
 import androidx.annotation.RequiresApi
 import androidx.appcompat.widget.Toolbar
-import androidx.biometric.BiometricManager
 import androidx.core.app.ActivityCompat
-import androidx.lifecycle.Observer
+import androidx.fragment.app.commit
 import com.google.android.material.snackbar.Snackbar
 import com.kunzisoft.keepass.R
 import com.kunzisoft.keepass.activities.dialogs.DuplicateUuidDialog
@@ -50,12 +48,13 @@ import com.kunzisoft.keepass.activities.helpers.SpecialMode
 import com.kunzisoft.keepass.activities.lock.LockingActivity
 import com.kunzisoft.keepass.activities.selection.SpecialModeActivity
 import com.kunzisoft.keepass.app.database.CipherDatabaseEntity
+import com.kunzisoft.keepass.autofill.AutofillComponent
 import com.kunzisoft.keepass.autofill.AutofillHelper
-import com.kunzisoft.keepass.biometric.AdvancedUnlockedManager
-import com.kunzisoft.keepass.biometric.BiometricUnlockDatabaseHelper
+import com.kunzisoft.keepass.biometric.AdvancedUnlockFragment
 import com.kunzisoft.keepass.database.action.ProgressDatabaseTaskProvider
 import com.kunzisoft.keepass.database.element.Database
 import com.kunzisoft.keepass.database.exception.DuplicateUuidDatabaseException
+import com.kunzisoft.keepass.database.exception.FileNotFoundDatabaseException
 import com.kunzisoft.keepass.education.PasswordActivityEducation
 import com.kunzisoft.keepass.model.RegisterInfo
 import com.kunzisoft.keepass.model.SearchInfo
@@ -69,14 +68,13 @@ import com.kunzisoft.keepass.settings.PreferencesUtil
 import com.kunzisoft.keepass.utils.BACK_PREVIOUS_KEYBOARD_ACTION
 import com.kunzisoft.keepass.utils.MenuUtil
 import com.kunzisoft.keepass.utils.UriUtil
-import com.kunzisoft.keepass.view.AdvancedUnlockInfoView
 import com.kunzisoft.keepass.view.KeyFileSelectionView
 import com.kunzisoft.keepass.view.asError
 import com.kunzisoft.keepass.viewmodels.DatabaseFileViewModel
 import kotlinx.android.synthetic.main.activity_password.*
 import java.io.FileNotFoundException

-open class PasswordActivity : SpecialModeActivity() {
+open class PasswordActivity : SpecialModeActivity(), AdvancedUnlockFragment.BuilderListener {

    // Views
    private var toolbar: Toolbar? = null
@@ -86,12 +84,12 @@ open class PasswordActivity : SpecialModeActivity() {
    private var confirmButtonView: Button? = null
    private var checkboxPasswordView: CompoundButton? = null
    private var checkboxKeyFileView: CompoundButton? = null
-    private var advancedUnlockInfoView: AdvancedUnlockInfoView? = null
+    private var advancedUnlockFragment: AdvancedUnlockFragment? = null
    private var infoContainerView: ViewGroup? = null
-    private var enableButtonOnCheckedChangeListener: CompoundButton.OnCheckedChangeListener? = null

    private val databaseFileViewModel: DatabaseFileViewModel by viewModels()

+    private var mDefaultDatabase: Boolean = false
    private var mDatabaseFileUri: Uri? = null
    private var mDatabaseKeyFileUri: Uri? = null

@@ -113,7 +111,6 @@ open class PasswordActivity : SpecialModeActivity() {

    private var mProgressDatabaseTaskProvider: ProgressDatabaseTaskProvider? = null

-    private var advancedUnlockedManager: AdvancedUnlockedManager? = null
    private var mAllowAutoOpenBiometricPrompt: Boolean = true

    override fun onCreate(savedInstanceState: Bundle?) {
@@ -133,7 +130,6 @@ open class PasswordActivity : SpecialModeActivity() {
        keyFileSelectionView = findViewById(R.id.keyfile_selection)
        checkboxPasswordView = findViewById(R.id.password_checkbox)
        checkboxKeyFileView = findViewById(R.id.keyfile_checkox)
-        advancedUnlockInfoView = findViewById(R.id.biometric_info)
        infoContainerView = findViewById(R.id.activity_password_info_container)

        mPermissionAsked = savedInstanceState?.getBoolean(KEY_PERMISSION_ASKED) ?: mPermissionAsked
@@ -160,10 +156,6 @@ open class PasswordActivity : SpecialModeActivity() {
            }
        })

-        enableButtonOnCheckedChangeListener = CompoundButton.OnCheckedChangeListener { _, _ ->
-            enableOrNotTheConfirmationButton()
-        }
-
        // If is a view intent
        getUriFromIntent(intent)
        if (savedInstanceState?.containsKey(KEY_KEYFILE) == true) {
@@ -173,8 +165,31 @@ open class PasswordActivity : SpecialModeActivity() {
            mAllowAutoOpenBiometricPrompt = savedInstanceState.getBoolean(ALLOW_AUTO_OPEN_BIOMETRIC_PROMPT)
        }

+        // Init Biometric elements
+        advancedUnlockFragment = supportFragmentManager
+                .findFragmentByTag(UNLOCK_FRAGMENT_TAG) as? AdvancedUnlockFragment?
+        if (advancedUnlockFragment == null) {
+            advancedUnlockFragment = AdvancedUnlockFragment()
+            supportFragmentManager.commit {
+                replace(R.id.fragment_advanced_unlock_container_view,
+                        advancedUnlockFragment!!,
+                        UNLOCK_FRAGMENT_TAG)
+            }
+        }
+
+        // Listen password checkbox to init advanced unlock and confirmation button
+        checkboxPasswordView?.setOnCheckedChangeListener { _, _ ->
+            advancedUnlockFragment?.checkUnlockAvailability()
+            enableOrNotTheConfirmationButton()
+        }
+
+        // Observe if default database
+        databaseFileViewModel.isDefaultDatabase.observe(this) { isDefaultDatabase ->
+            mDefaultDatabase = isDefaultDatabase
+        }
+
        // Observe database file change
-        databaseFileViewModel.databaseFileLoaded.observe(this, Observer { databaseFile ->
+        databaseFileViewModel.databaseFileLoaded.observe(this) { databaseFile ->
            // Force read only if the file does not exists
            mForceReadOnly = databaseFile?.let {
                !it.databaseFileExists
@@ -194,19 +209,14 @@ open class PasswordActivity : SpecialModeActivity() {
            filenameView?.text = databaseFile?.databaseAlias ?: ""

            onDatabaseFileLoaded(databaseFile?.databaseUri, keyFileUri)
-        })
+        }

        mProgressDatabaseTaskProvider = ProgressDatabaseTaskProvider(this).apply {
            onActionFinish = { actionTask, result ->
                when (actionTask) {
                    ACTION_DATABASE_LOAD_TASK -> {
-                        // Recheck biometric if error
-                        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
-                            if (PreferencesUtil.isBiometricUnlockEnable(this@PasswordActivity)) {
-                                // Stay with the same mode and init it
-                                advancedUnlockedManager?.initBiometricMode()
-                            }
-                        }
+                        // Recheck advanced unlock if error
+                        advancedUnlockFragment?.initAdvancedUnlockMode()

                        if (result.isSuccess) {
                            mDatabaseKeyFileUri = null
@@ -220,32 +230,40 @@ open class PasswordActivity : SpecialModeActivity() {
                            if (resultException != null) {
                                resultError = resultException.getLocalizedMessage(resources)

-                                // Relaunch loading if we need to fix UUID
-                                if (resultException is DuplicateUuidDatabaseException) {
-                                    showLoadDatabaseDuplicateUuidMessage {
+                                when (resultException) {
+                                    is DuplicateUuidDatabaseException -> {
+                                        // Relaunch loading if we need to fix UUID
+                                        showLoadDatabaseDuplicateUuidMessage {

-                                        var databaseUri: Uri? = null
-                                        var masterPassword: String? = null
-                                        var keyFileUri: Uri? = null
-                                        var readOnly = true
-                                        var cipherEntity: CipherDatabaseEntity? = null
+                                            var databaseUri: Uri? = null
+                                            var masterPassword: String? = null
+                                            var keyFileUri: Uri? = null
+                                            var readOnly = true
+                                            var cipherEntity: CipherDatabaseEntity? = null

-                                        result.data?.let { resultData ->
-                                            databaseUri = resultData.getParcelable(DATABASE_URI_KEY)
-                                            masterPassword = resultData.getString(MASTER_PASSWORD_KEY)
-                                            keyFileUri = resultData.getParcelable(KEY_FILE_URI_KEY)
-                                            readOnly = resultData.getBoolean(READ_ONLY_KEY)
-                                            cipherEntity = resultData.getParcelable(CIPHER_ENTITY_KEY)
+                                            result.data?.let { resultData ->
+                                                databaseUri = resultData.getParcelable(DATABASE_URI_KEY)
+                                                masterPassword = resultData.getString(MASTER_PASSWORD_KEY)
+                                                keyFileUri = resultData.getParcelable(KEY_FILE_URI_KEY)
+                                                readOnly = resultData.getBoolean(READ_ONLY_KEY)
+                                                cipherEntity = resultData.getParcelable(CIPHER_ENTITY_KEY)
+                                            }
+
+                                            databaseUri?.let { databaseFileUri ->
+                                                showProgressDialogAndLoadDatabase(
+                                                        databaseFileUri,
+                                                        masterPassword,
+                                                        keyFileUri,
+                                                        readOnly,
+                                                        cipherEntity,
+                                                        true)
+                                            }
                                        }
-
-                                        databaseUri?.let { databaseFileUri ->
-                                            showProgressDialogAndLoadDatabase(
-                                                    databaseFileUri,
-                                                    masterPassword,
-                                                    keyFileUri,
-                                                    readOnly,
-                                                    cipherEntity,
-                                                    true)
+                                    }
+                                    is FileNotFoundDatabaseException -> {
+                                        // Remove this default database inaccessible
+                                        if (mDefaultDatabase) {
+                                            databaseFileViewModel.removeDefaultDatabase()
                                        }
                                    }
                                }
@@ -277,6 +295,9 @@ open class PasswordActivity : SpecialModeActivity() {
            mDatabaseFileUri = intent?.getParcelableExtra(KEY_FILENAME)
            mDatabaseKeyFileUri = intent?.getParcelableExtra(KEY_KEYFILE)
        }
+        mDatabaseFileUri?.let {
+            databaseFileViewModel.checkIfIsDefaultDatabase(it)
+        }
    }

    override fun onNewIntent(intent: Intent?) {
@@ -303,6 +324,33 @@ open class PasswordActivity : SpecialModeActivity() {
        finish()
    }

+    override fun retrieveCredentialForEncryption(): String {
+        return passwordView?.text?.toString() ?: ""
+    }
+
+    override fun conditionToStoreCredential(): Boolean {
+        return checkboxPasswordView?.isChecked == true
+    }
+
+    override fun onCredentialEncrypted(databaseUri: Uri,
+                                       encryptedCredential: String,
+                                       ivSpec: String) {
+        // Load the database if password is registered with biometric
+        verifyCheckboxesAndLoadDatabase(
+                CipherDatabaseEntity(
+                        databaseUri.toString(),
+                        encryptedCredential,
+                        ivSpec)
+        )
+    }
+
+    override fun onCredentialDecrypted(databaseUri: Uri,
+                                       decryptedCredential: String) {
+        // Load the database if password is retrieve from biometric
+        // Retrieve from biometric
+        verifyKeyFileCheckboxAndLoadDatabase(decryptedCredential)
+    }
+
    private val onEditorActionListener = object : TextView.OnEditorActionListener {
        override fun onEditorAction(v: TextView?, actionId: Int, event: KeyEvent?): Boolean {
            if (actionId == IME_ACTION_DONE) {
@@ -369,48 +417,9 @@ open class PasswordActivity : SpecialModeActivity() {
            verifyCheckboxesAndLoadDatabase(password, keyFileUri)
        } else {
            // Init Biometric elements
-            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
-                if (PreferencesUtil.isBiometricUnlockEnable(this)) {
-                    if (advancedUnlockedManager == null
-                            && databaseFileUri != null) {
-                        advancedUnlockedManager = AdvancedUnlockedManager(this,
-                                databaseFileUri,
-                                advancedUnlockInfoView,
-                                checkboxPasswordView,
-                                enableButtonOnCheckedChangeListener,
-                                passwordView,
-                                { passwordEncrypted, ivSpec ->
-                                    // Load the database if password is registered with biometric
-                                    if (passwordEncrypted != null && ivSpec != null) {
-                                        verifyCheckboxesAndLoadDatabase(
-                                                CipherDatabaseEntity(
-                                                    databaseFileUri.toString(),
-                                                    passwordEncrypted,
-                                                    ivSpec)
-                                        )
-                                    }
-                                },
-                                { passwordDecrypted ->
-                                    // Load the database if password is retrieve from biometric
-                                    passwordDecrypted?.let {
-                                        // Retrieve from biometric
-                                        verifyKeyFileCheckboxAndLoadDatabase(it)
-                                    }
-                                })
-                    }
-                    advancedUnlockedManager?.isBiometricPromptAutoOpenEnable =
-                            mAllowAutoOpenBiometricPrompt && mProgressDatabaseTaskProvider?.isBinded() != true
-                    advancedUnlockedManager?.checkBiometricAvailability()
-                } else {
-                    advancedUnlockInfoView?.visibility = View.GONE
-                    advancedUnlockedManager?.destroy()
-                    advancedUnlockedManager = null
-                }
-            }
-            if (advancedUnlockedManager == null) {
-                checkboxPasswordView?.setOnCheckedChangeListener(enableButtonOnCheckedChangeListener)
-            }
-            checkboxKeyFileView?.setOnCheckedChangeListener(enableButtonOnCheckedChangeListener)
+            advancedUnlockFragment?.loadDatabase(databaseFileUri,
+                    mAllowAutoOpenBiometricPrompt
+                                        && mProgressDatabaseTaskProvider?.isBinded() != true)
        }

        enableOrNotTheConfirmationButton()
@@ -462,11 +471,6 @@ open class PasswordActivity : SpecialModeActivity() {
    override fun onPause() {
        mProgressDatabaseTaskProvider?.unregisterProgressTask()

-        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
-            advancedUnlockedManager?.destroy()
-            advancedUnlockedManager = null
-        }
-
        // Reinit locking activity UI variable
        LockingActivity.LOCKING_ACTIVITY_UI_VISIBLE_DURING_LOCK = null
        mAllowAutoOpenBiometricPrompt = true
@@ -575,11 +579,6 @@ open class PasswordActivity : SpecialModeActivity() {
            MenuUtil.defaultMenuInflater(inflater, menu)
        }

-        if ( Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
-            // biometric menu
-            advancedUnlockedManager?.inflateOptionsMenu(inflater, menu)
-        }
-
        super.onCreateOptionsMenu(menu)

        launchEducation(menu)
@@ -589,13 +588,13 @@ open class PasswordActivity : SpecialModeActivity() {

    // Check permission
    private fun checkPermission() {
-        val writePermission = android.Manifest.permission.WRITE_EXTERNAL_STORAGE
-        val permissions = arrayOf(writePermission)
-        if (Build.VERSION.SDK_INT >= 23
+        if (Build.VERSION.SDK_INT in 23..28
                && !readOnly
                && !mPermissionAsked) {
            mPermissionAsked = true
            // Check self permission to show or not the dialog
+            val writePermission = android.Manifest.permission.WRITE_EXTERNAL_STORAGE
+            val permissions = arrayOf(writePermission)
            if (toolbar != null
                    && ActivityCompat.checkSelfPermission(this, writePermission) != PackageManager.PERMISSION_GRANTED) {
                ActivityCompat.requestPermissions(this, permissions, WRITE_EXTERNAL_STORAGE_REQUEST)
@@ -655,21 +654,14 @@ open class PasswordActivity : SpecialModeActivity() {
                        performedNextEducation(passwordActivityEducation, menu)
                    })

-            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M
-                    && !readOnlyEducationPerformed) {
-                val biometricCanAuthenticate = BiometricUnlockDatabaseHelper.canAuthenticate(this)
-                PreferencesUtil.isBiometricUnlockEnable(applicationContext)
-                        && (biometricCanAuthenticate == BiometricManager.BIOMETRIC_ERROR_NONE_ENROLLED || biometricCanAuthenticate == BiometricManager.BIOMETRIC_SUCCESS)
-                        && advancedUnlockInfoView != null && advancedUnlockInfoView?.visibility == View.VISIBLE
-                        && advancedUnlockInfoView?.unlockIconImageView != null
-                        && passwordActivityEducation.checkAndPerformedBiometricEducation(advancedUnlockInfoView?.unlockIconImageView!!,
-                        {
-                            performedNextEducation(passwordActivityEducation, menu)
-                        },
-                        {
-                            performedNextEducation(passwordActivityEducation, menu)
-                        })
-            }
+            advancedUnlockFragment?.performEducation(passwordActivityEducation,
+                    readOnlyEducationPerformed,
+                    {
+                        performedNextEducation(passwordActivityEducation, menu)
+                    },
+                    {
+                        performedNextEducation(passwordActivityEducation, menu)
+                    })
        }
    }

@@ -691,10 +683,7 @@ open class PasswordActivity : SpecialModeActivity() {
                readOnly = !readOnly
                changeOpenFileReadIcon(item)
            }
-            R.id.menu_biometric_remove_key -> if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
-                advancedUnlockedManager?.deleteEntryKey()
-            }
-            else -> return MenuUtil.onDefaultMenuOptionsItemSelected(this, item)
+            else -> MenuUtil.onDefaultMenuOptionsItemSelected(this, item)
        }

        return super.onOptionsItemSelected(item)
@@ -708,6 +697,9 @@ open class PasswordActivity : SpecialModeActivity() {

        mAllowAutoOpenBiometricPrompt = false

+        // To get device credential unlock result
+        advancedUnlockFragment?.onActivityResult(requestCode, resultCode, data)
+
        // To get entry in result
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
            AutofillHelper.onActivityResultSetResultAndFinish(this, requestCode, resultCode, data)
@@ -728,7 +720,7 @@ open class PasswordActivity : SpecialModeActivity() {
            when (resultCode) {
                LockingActivity.RESULT_EXIT_LOCK -> {
                    clearCredentialsViews()
-                    Database.getInstance().closeAndClear(UriUtil.getBinaryDir(this))
+                    Database.getInstance().clearAndClose(UriUtil.getBinaryDir(this))
                }
                Activity.RESULT_CANCELED -> {
                    clearCredentialsViews()
@@ -741,6 +733,8 @@ open class PasswordActivity : SpecialModeActivity() {

        private val TAG = PasswordActivity::class.java.name

+        private const val UNLOCK_FRAGMENT_TAG = "UNLOCK_FRAGMENT_TAG"
+
        private const val KEY_FILENAME = "fileName"
        private const val KEY_KEYFILE = "keyFile"
        private const val VIEW_INTENT = "android.intent.action.VIEW"
@@ -795,6 +789,25 @@ open class PasswordActivity : SpecialModeActivity() {
            }
        }

+        /*
+         * -------------------------
+         * 		Save Launch
+         * -------------------------
+         */
+
+        @Throws(FileNotFoundException::class)
+        fun launchForSaveResult(activity: Activity,
+                                databaseFile: Uri,
+                                keyFile: Uri?,
+                                searchInfo: SearchInfo) {
+            buildAndLaunchIntent(activity, databaseFile, keyFile) { intent ->
+                EntrySelectionHelper.startActivityForSaveModeResult(
+                        activity,
+                        intent,
+                        searchInfo)
+            }
+        }
+
        /*
         * -------------------------
         * 		Keyboard Launch
@@ -825,13 +838,13 @@ open class PasswordActivity : SpecialModeActivity() {
        fun launchForAutofillResult(activity: Activity,
                                    databaseFile: Uri,
                                    keyFile: Uri?,
-                                    assistStructure: AssistStructure,
+                                    autofillComponent: AutofillComponent,
                                    searchInfo: SearchInfo?) {
            buildAndLaunchIntent(activity, databaseFile, keyFile) { intent ->
                AutofillHelper.startActivityForAutofillResult(
                        activity,
                        intent,
-                        assistStructure,
+                        autofillComponent,
                        searchInfo)
            }
        }
@@ -877,8 +890,11 @@ open class PasswordActivity : SpecialModeActivity() {
                                    searchInfo)
                            onLaunchActivitySpecialMode()
                        },
-                        { // Save Action
-                            // Not directly used, a search is performed before
+                        { searchInfo -> // Save Action
+                            PasswordActivity.launchForSaveResult(activity,
+                                    databaseUri, keyFile,
+                                    searchInfo)
+                            onLaunchActivitySpecialMode()
                        },
                        { searchInfo -> // Keyboard Selection Action
                            PasswordActivity.launchForKeyboardResult(activity,
@@ -886,11 +902,11 @@ open class PasswordActivity : SpecialModeActivity() {
                                    searchInfo)
                            onLaunchActivitySpecialMode()
                        },
-                        { searchInfo, assistStructure -> // Autofill Selection Action
+                        { searchInfo, autofillComponent -> // Autofill Selection Action
                            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
                                PasswordActivity.launchForAutofillResult(activity,
                                        databaseUri, keyFile,
-                                        assistStructure,
+                                        autofillComponent,
                                        searchInfo)
                                onLaunchActivitySpecialMode()
                            } else {
--- a/app/src/main/java/com/kunzisoft/keepass/activities/dialogs/DatabaseChangedDialogFragment.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/activities/dialogs/DatabaseChangedDialogFragment.kt
@@ -0,0 +1,92 @@
+/*
+ * Copyright 2020 Jeremy Jamet / Kunzisoft.
+ *
+ * This file is part of KeePassDX.
+ *
+ *  KeePassDX is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  KeePassDX is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with KeePassDX.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+package com.kunzisoft.keepass.activities.dialogs
+
+import android.app.Dialog
+import android.os.Bundle
+import android.text.SpannableStringBuilder
+import androidx.appcompat.app.AlertDialog
+import androidx.fragment.app.DialogFragment
+import com.kunzisoft.keepass.R
+import com.kunzisoft.keepass.model.SnapFileDatabaseInfo
+
+
+class DatabaseChangedDialogFragment : DialogFragment() {
+
+    var actionDatabaseListener: ActionDatabaseChangedListener? = null
+
+    override fun onPause() {
+        super.onPause()
+        actionDatabaseListener = null
+        this.dismiss()
+    }
+
+    override fun onCreateDialog(savedInstanceState: Bundle?): Dialog {
+        activity?.let { activity ->
+
+            val oldSnapFileDatabaseInfo: SnapFileDatabaseInfo? = arguments?.getParcelable(OLD_FILE_DATABASE_INFO)
+            val newSnapFileDatabaseInfo: SnapFileDatabaseInfo? = arguments?.getParcelable(NEW_FILE_DATABASE_INFO)
+
+            if (oldSnapFileDatabaseInfo != null && newSnapFileDatabaseInfo != null) {
+                // Use the Builder class for convenient dialog construction
+                val builder = AlertDialog.Builder(activity)
+
+                val stringBuilder = SpannableStringBuilder()
+                if (newSnapFileDatabaseInfo.exists) {
+                    stringBuilder.append(getString(R.string.warning_database_info_changed))
+                    stringBuilder.append("\n\n" +oldSnapFileDatabaseInfo.toString(activity)
+                            + "\n→\n" +
+                            newSnapFileDatabaseInfo.toString(activity) + "\n\n")
+                    stringBuilder.append(getString(R.string.warning_database_info_changed_options))
+                } else {
+                    stringBuilder.append(getString(R.string.warning_database_revoked))
+                }
+                builder.setMessage(stringBuilder)
+                builder.setPositiveButton(android.R.string.ok) { _, _ ->
+                    actionDatabaseListener?.validateDatabaseChanged()
+                }
+                return builder.create()
+            }
+        }
+        return super.onCreateDialog(savedInstanceState)
+    }
+
+    interface ActionDatabaseChangedListener {
+        fun validateDatabaseChanged()
+    }
+
+    companion object {
+
+        const val DATABASE_CHANGED_DIALOG_TAG = "databaseChangedDialogFragment"
+        private const val OLD_FILE_DATABASE_INFO = "OLD_FILE_DATABASE_INFO"
+        private const val NEW_FILE_DATABASE_INFO = "NEW_FILE_DATABASE_INFO"
+
+        fun getInstance(oldSnapFileDatabaseInfo: SnapFileDatabaseInfo,
+                        newSnapFileDatabaseInfo: SnapFileDatabaseInfo)
+        : DatabaseChangedDialogFragment {
+            val fragment = DatabaseChangedDialogFragment()
+            fragment.arguments = Bundle().apply {
+                putParcelable(OLD_FILE_DATABASE_INFO, oldSnapFileDatabaseInfo)
+                putParcelable(NEW_FILE_DATABASE_INFO, newSnapFileDatabaseInfo)
+            }
+            return fragment
+        }
+    }
+}
--- a/app/src/main/java/com/kunzisoft/keepass/activities/dialogs/UnavailableFeatureDialogFragment.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/activities/dialogs/UnavailableFeatureDialogFragment.kt
@@ -90,12 +90,12 @@ class UnavailableFeatureDialogFragment : DialogFragment() {
            }
        }
        if (apiName.isEmpty()) {
-            val mapper = arrayOf("ANDROID BASE", "ANDROID BASE 1.1", "CUPCAKE", "DONUT", "ECLAIR", "ECLAIR_0_1", "ECLAIR_MR1", "FROYO", "GINGERBREAD", "GINGERBREAD_MR1", "HONEYCOMB", "HONEYCOMB_MR1", "HONEYCOMB_MR2", "ICE_CREAM_SANDWICH", "ICE_CREAM_SANDWICH_MR1", "JELLY_BEAN", "JELLY_BEAN", "JELLY_BEAN", "KITKAT", "KITKAT", "LOLLIPOOP", "LOLLIPOOP_MR1", "MARSHMALLOW", "NOUGAT", "NOUGAT", "OREO", "OREO")
+            val mapper = arrayOf("ANDROID BASE", "ANDROID BASE 1.1", "CUPCAKE", "DONUT", "ECLAIR", "ECLAIR_0_1", "ECLAIR_MR1", "FROYO", "GINGERBREAD", "GINGERBREAD_MR1", "HONEYCOMB", "HONEYCOMB_MR1", "HONEYCOMB_MR2", "ICE_CREAM_SANDWICH", "ICE_CREAM_SANDWICH_MR1", "JELLY_BEAN", "JELLY_BEAN", "JELLY_BEAN", "KITKAT", "KITKAT", "LOLLIPOOP", "LOLLIPOOP_MR1", "MARSHMALLOW", "NOUGAT", "NOUGAT", "OREO", "OREO", "PIE", "", "")
            val index = apiNumber - 1
            apiName = if (index < mapper.size) mapper[index] else "UNKNOWN_VERSION"
        }
        if (version.isEmpty()) {
-            val versions = arrayOf("1.0", "1.1", "1.5", "1.6", "2.0", "2.0.1", "2.1", "2.2.X", "2.3", "2.3.3", "3.0", "3.1", "3.2.0", "4.0.1", "4.0.3", "4.1.0", "4.2.0", "4.3.0", "4.4", "4.4", "5.0", "5.1", "6.0", "7.0", "7.1", "8.0.0", "8.1.0")
+            val versions = arrayOf("1.0", "1.1", "1.5", "1.6", "2.0", "2.0.1", "2.1", "2.2.X", "2.3", "2.3.3", "3.0", "3.1", "3.2.0", "4.0.1", "4.0.3", "4.1.0", "4.2.0", "4.3.0", "4.4", "4.4", "5.0", "5.1", "6.0", "7.0", "7.1", "8.0.0", "8.1.0", "9", "10", "11")
            val index = apiNumber - 1
            version = if (index < versions.size) versions[index] else "UNKNOWN_VERSION"
        }
--- a/app/src/main/java/com/kunzisoft/keepass/activities/helpers/EntrySelectionHelper.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/activities/helpers/EntrySelectionHelper.kt
@@ -19,10 +19,10 @@
 */
 package com.kunzisoft.keepass.activities.helpers

-import android.app.assist.AssistStructure
 import android.content.Context
 import android.content.Intent
 import android.os.Build
+import com.kunzisoft.keepass.autofill.AutofillComponent
 import com.kunzisoft.keepass.autofill.AutofillHelper
 import com.kunzisoft.keepass.model.RegisterInfo
 import com.kunzisoft.keepass.model.SearchInfo
@@ -106,7 +106,7 @@ object EntrySelectionHelper {

    fun retrieveSpecialModeFromIntent(intent: Intent): SpecialMode {
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
-            if (AutofillHelper.retrieveAssistStructure(intent) != null)
+            if (AutofillHelper.retrieveAutofillComponent(intent) != null)
                return SpecialMode.SELECTION
        }
        return intent.getSerializableExtra(KEY_SPECIAL_MODE) as SpecialMode?
@@ -119,7 +119,7 @@ object EntrySelectionHelper {

    fun retrieveTypeModeFromIntent(intent: Intent): TypeMode {
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
-            if (AutofillHelper.retrieveAssistStructure(intent) != null)
+            if (AutofillHelper.retrieveAutofillComponent(intent) != null)
                return TypeMode.AUTOFILL
        }
        return intent.getSerializableExtra(KEY_TYPE_MODE) as TypeMode? ?: TypeMode.DEFAULT
@@ -136,7 +136,7 @@ object EntrySelectionHelper {
                        saveAction: (searchInfo: SearchInfo) -> Unit,
                        keyboardSelectionAction: (searchInfo: SearchInfo?) -> Unit,
                        autofillSelectionAction: (searchInfo: SearchInfo?,
-                                                  assistStructure: AssistStructure) -> Unit,
+                                                  autofillComponent: AutofillComponent) -> Unit,
                        autofillRegistrationAction: (registerInfo: RegisterInfo?) -> Unit) {

        when (retrieveSpecialModeFromIntent(intent)) {
@@ -167,14 +167,14 @@ object EntrySelectionHelper {
            }
            SpecialMode.SELECTION -> {
                val searchInfo: SearchInfo? = retrieveSearchInfoFromIntent(intent)
-                var assistStructureInit = false
+                var autofillComponentInit = false
                if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
-                    AutofillHelper.retrieveAssistStructure(intent)?.let { assistStructure ->
-                        autofillSelectionAction.invoke(searchInfo, assistStructure)
-                        assistStructureInit = true
+                    AutofillHelper.retrieveAutofillComponent(intent)?.let { autofillComponent ->
+                        autofillSelectionAction.invoke(searchInfo, autofillComponent)
+                        autofillComponentInit = true
                    }
                }
-                if (!assistStructureInit) {
+                if (!autofillComponentInit) {
                    if (intent.getSerializableExtra(KEY_SPECIAL_MODE) != null) {
                        when (retrieveTypeModeFromIntent(intent)) {
                            TypeMode.DEFAULT -> {
--- a/app/src/main/java/com/kunzisoft/keepass/activities/lock/LockingActivity.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/activities/lock/LockingActivity.kt
@@ -20,6 +20,7 @@
 package com.kunzisoft.keepass.activities.lock

 import android.annotation.SuppressLint
+import android.content.Context
 import android.content.Intent
 import android.os.Bundle
 import android.view.MotionEvent
@@ -163,35 +164,6 @@ abstract class LockingActivity : SpecialModeActivity() {
        sendBroadcast(Intent(LOCK_ACTION))
    }

-    /**
-     * To reset the app timeout when a view is focused or changed
-     */
-    @SuppressLint("ClickableViewAccessibility")
-    protected fun resetAppTimeoutWhenViewFocusedOrChanged(vararg views: View?) {
-        views.forEach {
-            it?.setOnTouchListener { _, event ->
-                when (event.action) {
-                    MotionEvent.ACTION_DOWN -> {
-                        // Log.d(TAG, "View touched, try to reset app timeout")
-                        TimeoutHelper.checkTimeAndLockIfTimeoutOrResetTimeout(this)
-                    }
-                }
-                false
-            }
-            it?.setOnFocusChangeListener { _, hasFocus ->
-                if (hasFocus) {
-                    // Log.d(TAG, "View focused, try to reset app timeout")
-                    TimeoutHelper.checkTimeAndLockIfTimeoutOrResetTimeout(this)
-                }
-            }
-            if (it is ViewGroup) {
-                for (i in 0..it.childCount) {
-                    resetAppTimeoutWhenViewFocusedOrChanged(it.getChildAt(i))
-                }
-            }
-        }
-    }
-
    override fun onBackPressed() {
        if (mTimeoutEnable) {
            TimeoutHelper.checkTimeAndLockIfTimeoutOrResetTimeout(this) {
@@ -204,7 +176,7 @@ abstract class LockingActivity : SpecialModeActivity() {

    companion object {

-        private const val TAG = "LockingActivity"
+        const val TAG = "LockingActivity"

        const val RESULT_EXIT_LOCK = 1450

@@ -215,3 +187,28 @@ abstract class LockingActivity : SpecialModeActivity() {
        var LOCKING_ACTIVITY_UI_VISIBLE_DURING_LOCK: Boolean? = null
    }
 }
+
+/**
+ * To reset the app timeout when a view is focused or changed
+ */
+@SuppressLint("ClickableViewAccessibility")
+fun View.resetAppTimeoutWhenViewFocusedOrChanged(context: Context) {
+    setOnTouchListener { _, event ->
+        when (event.action) {
+            MotionEvent.ACTION_DOWN -> {
+                //Log.d(LockingActivity.TAG, "View touched, try to reset app timeout")
+                TimeoutHelper.checkTimeAndLockIfTimeoutOrResetTimeout(context)
+            }
+        }
+        false
+    }
+    setOnFocusChangeListener { _, _ ->
+        //Log.d(LockingActivity.TAG, "View focused, try to reset app timeout")
+        TimeoutHelper.checkTimeAndLockIfTimeoutOrResetTimeout(context)
+    }
+    if (this is ViewGroup) {
+        for (i in 0..childCount) {
+            getChildAt(i)?.resetAppTimeoutWhenViewFocusedOrChanged(context)
+        }
+    }
+}
--- a/app/src/main/java/com/kunzisoft/keepass/activities/selection/SpecialModeActivity.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/activities/selection/SpecialModeActivity.kt
@@ -18,7 +18,7 @@ import com.kunzisoft.keepass.view.SpecialModeView
 abstract class SpecialModeActivity : StylishActivity() {

    protected var mSpecialMode: SpecialMode = SpecialMode.DEFAULT
-    protected var mTypeMode: TypeMode = TypeMode.DEFAULT
+    private var mTypeMode: TypeMode = TypeMode.DEFAULT

    private var mSpecialModeView: SpecialModeView? = null

--- a/app/src/main/java/com/kunzisoft/keepass/adapters/SearchEntryCursorAdapter.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/adapters/SearchEntryCursorAdapter.kt
@@ -100,6 +100,7 @@ class SearchEntryCursorAdapter(private val context: Context,
                } else {
                    ""
                }
+                visibility = if (text.isEmpty()) View.GONE else View.VISIBLE
                strikeOut(currentEntry.isCurrentlyExpires)
            }
        }
@@ -160,8 +161,8 @@ class SearchEntryCursorAdapter(private val context: Context,
    }

    private class ViewHolder {
-        internal var imageViewIcon: ImageView? = null
-        internal var textViewTitle: TextView? = null
-        internal var textViewSubTitle: TextView? = null
+        var imageViewIcon: ImageView? = null
+        var textViewTitle: TextView? = null
+        var textViewSubTitle: TextView? = null
    }
 }
--- a/app/src/main/java/com/kunzisoft/keepass/app/App.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/app/App.kt
@@ -34,7 +34,7 @@ class App : MultiDexApplication() {
    }

    override fun onTerminate() {
-        Database.getInstance().closeAndClear(UriUtil.getBinaryDir(this))
+        Database.getInstance().clearAndClose(UriUtil.getBinaryDir(this))
        super.onTerminate()
    }
 }
--- a/app/src/main/java/com/kunzisoft/keepass/app/database/CipherDatabaseAction.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/app/database/CipherDatabaseAction.kt
@@ -19,27 +19,96 @@
 */
 package com.kunzisoft.keepass.app.database

+import android.content.ComponentName
 import android.content.Context
+import android.content.Intent
+import android.content.ServiceConnection
 import android.net.Uri
+import android.os.IBinder
+import com.kunzisoft.keepass.notifications.AdvancedUnlockNotificationService
+import com.kunzisoft.keepass.settings.PreferencesUtil
 import com.kunzisoft.keepass.utils.SingletonHolderParameter
+import java.util.*

-class CipherDatabaseAction(applicationContext: Context) {
+class CipherDatabaseAction(context: Context) {

+    private val applicationContext = context.applicationContext
    private val cipherDatabaseDao =
            AppDatabase
                    .getDatabase(applicationContext)
                    .cipherDatabaseDao()

+    // Temp DAO to easily remove content if object no longer in memory
+    private var useTempDao = PreferencesUtil.isTempAdvancedUnlockEnable(applicationContext)
+
+    private val mIntentAdvancedUnlockService = Intent(applicationContext,
+            AdvancedUnlockNotificationService::class.java)
+    private var mBinder: AdvancedUnlockNotificationService.AdvancedUnlockBinder? = null
+    private var mServiceConnection: ServiceConnection? = null
+
+    private var mDatabaseListeners = LinkedList<DatabaseListener>()
+
+    fun reloadPreferences() {
+        useTempDao = PreferencesUtil.isTempAdvancedUnlockEnable(applicationContext)
+    }
+
+    @Synchronized
+    private fun attachService(performedAction: () -> Unit) {
+        // Check if a service is currently running else do nothing
+        if (mBinder != null) {
+            performedAction.invoke()
+        } else if (mServiceConnection == null) {
+            mServiceConnection = object : ServiceConnection {
+                override fun onServiceConnected(name: ComponentName?, serviceBinder: IBinder?) {
+                    mBinder = (serviceBinder as AdvancedUnlockNotificationService.AdvancedUnlockBinder)
+                    performedAction.invoke()
+                }
+
+                override fun onServiceDisconnected(name: ComponentName?) {
+                    mBinder = null
+                    mServiceConnection = null
+                    mDatabaseListeners.forEach {
+                        it.onDatabaseCleared()
+                    }
+                }
+            }
+            applicationContext.bindService(mIntentAdvancedUnlockService,
+                    mServiceConnection!!,
+                    Context.BIND_ABOVE_CLIENT)
+            if (mBinder == null) {
+                applicationContext.startService(mIntentAdvancedUnlockService)
+            }
+        }
+    }
+
+    fun registerDatabaseListener(listener: DatabaseListener) {
+        mDatabaseListeners.add(listener)
+    }
+
+    fun unregisterDatabaseListener(listener: DatabaseListener) {
+        mDatabaseListeners.remove(listener)
+    }
+
+    interface DatabaseListener {
+        fun onDatabaseCleared()
+    }
+
    fun getCipherDatabase(databaseUri: Uri,
                          cipherDatabaseResultListener: (CipherDatabaseEntity?) -> Unit) {
-        IOActionTask(
-                {
-                    cipherDatabaseDao.getByDatabaseUri(databaseUri.toString())
-                },
-                {
-                    cipherDatabaseResultListener.invoke(it)
-                }
-        ).execute()
+        if (useTempDao) {
+            attachService {
+                cipherDatabaseResultListener.invoke(mBinder?.getCipherDatabase(databaseUri))
+            }
+        } else {
+            IOActionTask(
+                    {
+                        cipherDatabaseDao.getByDatabaseUri(databaseUri.toString())
+                    },
+                    {
+                        cipherDatabaseResultListener.invoke(it)
+                    }
+            ).execute()
+        }
    }

    fun containsCipherDatabase(databaseUri: Uri,
@@ -51,36 +120,52 @@ class CipherDatabaseAction(applicationContext: Context) {

    fun addOrUpdateCipherDatabase(cipherDatabaseEntity: CipherDatabaseEntity,
                                  cipherDatabaseResultListener: (() -> Unit)? = null) {
-        IOActionTask(
-                {
-                    val cipherDatabaseRetrieve = cipherDatabaseDao.getByDatabaseUri(cipherDatabaseEntity.databaseUri)
-
-                    // Update values if element not yet in the database
-                    if (cipherDatabaseRetrieve == null) {
-                        cipherDatabaseDao.add(cipherDatabaseEntity)
-                    } else {
-                        cipherDatabaseDao.update(cipherDatabaseEntity)
+        if (useTempDao) {
+            attachService {
+                mBinder?.addOrUpdateCipherDatabase(cipherDatabaseEntity)
+                cipherDatabaseResultListener?.invoke()
+            }
+        } else {
+            IOActionTask(
+                    {
+                        val cipherDatabaseRetrieve = cipherDatabaseDao.getByDatabaseUri(cipherDatabaseEntity.databaseUri)
+                        // Update values if element not yet in the database
+                        if (cipherDatabaseRetrieve == null) {
+                            cipherDatabaseDao.add(cipherDatabaseEntity)
+                        } else {
+                            cipherDatabaseDao.update(cipherDatabaseEntity)
+                        }
+                    },
+                    {
+                        cipherDatabaseResultListener?.invoke()
                    }
-                },
-                {
-                    cipherDatabaseResultListener?.invoke()
-                }
-        ).execute()
+            ).execute()
+        }
    }

    fun deleteByDatabaseUri(databaseUri: Uri,
                            cipherDatabaseResultListener: (() -> Unit)? = null) {
-        IOActionTask(
-                {
-                    cipherDatabaseDao.deleteByDatabaseUri(databaseUri.toString())
-                },
-                {
-                    cipherDatabaseResultListener?.invoke()
-                }
-        ).execute()
+        if (useTempDao) {
+            attachService {
+                mBinder?.deleteByDatabaseUri(databaseUri)
+                cipherDatabaseResultListener?.invoke()
+            }
+        } else {
+            IOActionTask(
+                    {
+                        cipherDatabaseDao.deleteByDatabaseUri(databaseUri.toString())
+                    },
+                    {
+                        cipherDatabaseResultListener?.invoke()
+                    }
+            ).execute()
+        }
    }

    fun deleteAll() {
+        attachService {
+            mBinder?.deleteAll()
+        }
        IOActionTask(
                {
                    cipherDatabaseDao.deleteAll()
--- a/app/src/main/java/com/kunzisoft/keepass/app/database/CipherDatabaseEntity.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/app/database/CipherDatabaseEntity.kt
@@ -43,6 +43,11 @@ data class CipherDatabaseEntity(
            parcel.readString()!!,
            parcel.readString()!!)

+    fun replaceContent(copy: CipherDatabaseEntity) {
+        this.encryptedValue = copy.encryptedValue
+        this.specParameters = copy.specParameters
+    }
+
    override fun writeToParcel(parcel: Parcel, flags: Int) {
        parcel.writeString(databaseUri)
        parcel.writeString(encryptedValue)
--- a/app/src/main/java/com/kunzisoft/keepass/app/database/FileDatabaseHistoryAction.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/app/database/FileDatabaseHistoryAction.kt
@@ -47,7 +47,7 @@ class FileDatabaseHistoryAction(private val applicationContext: Context) {
                            UriUtil.decode(fileDatabaseHistoryEntity?.databaseUri),
                            fileDatabaseInfo.retrieveDatabaseAlias(fileDatabaseHistoryEntity?.databaseAlias ?: ""),
                            fileDatabaseInfo.exists,
-                            fileDatabaseInfo.getModificationString(),
+                            fileDatabaseInfo.getLastModificationString(),
                            fileDatabaseInfo.getSizeString()
                    )
                },
@@ -90,7 +90,7 @@ class FileDatabaseHistoryAction(private val applicationContext: Context) {
                                            UriUtil.decode(fileDatabaseHistoryEntity.databaseUri),
                                            fileDatabaseInfo.retrieveDatabaseAlias(fileDatabaseHistoryEntity.databaseAlias),
                                            fileDatabaseInfo.exists,
-                                            fileDatabaseInfo.getModificationString(),
+                                            fileDatabaseInfo.getLastModificationString(),
                                            fileDatabaseInfo.getSizeString()
                                    )
                            )
@@ -152,7 +152,7 @@ class FileDatabaseHistoryAction(private val applicationContext: Context) {
                                UriUtil.decode(fileDatabaseHistory.databaseUri),
                                fileDatabaseInfo.retrieveDatabaseAlias(fileDatabaseHistory.databaseAlias),
                                fileDatabaseInfo.exists,
-                                fileDatabaseInfo.getModificationString(),
+                                fileDatabaseInfo.getLastModificationString(),
                                fileDatabaseInfo.getSizeString()
                        )
                    }
--- a/app/src/main/java/com/kunzisoft/keepass/autofill/AutofillComponent.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/autofill/AutofillComponent.kt
@@ -0,0 +1,7 @@
+package com.kunzisoft.keepass.autofill
+
+import android.app.assist.AssistStructure
+import android.view.inputmethod.InlineSuggestionsRequest
+
+data class AutofillComponent(val assistStructure: AssistStructure,
+                             val inlineSuggestionsRequest: InlineSuggestionsRequest?)
--- a/app/src/main/java/com/kunzisoft/keepass/autofill/AutofillHelper.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/autofill/AutofillHelper.kt
@@ -19,18 +19,27 @@
 */
 package com.kunzisoft.keepass.autofill

+import android.annotation.SuppressLint
 import android.app.Activity
+import android.app.PendingIntent
 import android.app.assist.AssistStructure
 import android.content.Context
 import android.content.Intent
+import android.graphics.BlendMode
+import android.graphics.drawable.Icon
 import android.os.Build
 import android.service.autofill.Dataset
 import android.service.autofill.FillResponse
+import android.service.autofill.InlinePresentation
 import android.util.Log
 import android.view.autofill.AutofillManager
 import android.view.autofill.AutofillValue
+import android.view.inputmethod.InlineSuggestionsRequest
 import android.widget.RemoteViews
+import android.widget.Toast
 import androidx.annotation.RequiresApi
+import androidx.autofill.inline.UiVersions
+import androidx.autofill.inline.v1.InlineSuggestionUi
 import androidx.core.content.ContextCompat
 import com.kunzisoft.keepass.R
 import com.kunzisoft.keepass.activities.helpers.EntrySelectionHelper
@@ -38,8 +47,11 @@ import com.kunzisoft.keepass.activities.helpers.SpecialMode
 import com.kunzisoft.keepass.database.element.Database
 import com.kunzisoft.keepass.database.element.icon.IconImage
 import com.kunzisoft.keepass.icons.assignDatabaseIcon
+import com.kunzisoft.keepass.icons.createIconFromDatabaseIcon
 import com.kunzisoft.keepass.model.EntryInfo
 import com.kunzisoft.keepass.model.SearchInfo
+import com.kunzisoft.keepass.settings.AutofillSettingsActivity
+import com.kunzisoft.keepass.settings.PreferencesUtil


@RequiresApi(api = Build.VERSION_CODES.O)
@@ -47,11 +59,13 @@ object AutofillHelper {

    private const val AUTOFILL_RESPONSE_REQUEST_CODE = 8165

-    private const val ASSIST_STRUCTURE = AutofillManager.EXTRA_ASSIST_STRUCTURE
+    private const val EXTRA_ASSIST_STRUCTURE = AutofillManager.EXTRA_ASSIST_STRUCTURE
+    const val EXTRA_INLINE_SUGGESTIONS_REQUEST = "com.kunzisoft.keepass.autofill.INLINE_SUGGESTIONS_REQUEST"

-    fun retrieveAssistStructure(intent: Intent?): AssistStructure? {
-        intent?.let {
-            return it.getParcelableExtra(ASSIST_STRUCTURE)
+    fun retrieveAutofillComponent(intent: Intent?): AutofillComponent? {
+        intent?.getParcelableExtra<AssistStructure?>(EXTRA_ASSIST_STRUCTURE)?.let { assistStructure ->
+            return AutofillComponent(assistStructure,
+                              intent.getParcelableExtra(EXTRA_INLINE_SUGGESTIONS_REQUEST))
        }
        return null
    }
@@ -68,26 +82,10 @@ object AutofillHelper {
        return ""
    }

-    internal fun addHeader(responseBuilder: FillResponse.Builder,
-                           packageName: String,
-                           webDomain: String?,
-                           applicationId: String?) {
-        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
-            if (webDomain != null) {
-                responseBuilder.setHeader(RemoteViews(packageName, R.layout.item_autofill_web_domain).apply {
-                    setTextViewText(R.id.autofill_web_domain_text, webDomain)
-                })
-            } else if (applicationId != null) {
-                responseBuilder.setHeader(RemoteViews(packageName, R.layout.item_autofill_app_id).apply {
-                    setTextViewText(R.id.autofill_app_id_text, applicationId)
-                })
-            }
-        }
-    }
-
-    internal fun buildDataset(context: Context,
+    private fun buildDataset(context: Context,
                              entryInfo: EntryInfo,
-                              struct: StructureParser.Result): Dataset? {
+                              struct: StructureParser.Result,
+                              inlinePresentation: InlinePresentation?): Dataset? {
        val title = makeEntryTitle(entryInfo)
        val views = newRemoteViews(context, title, entryInfo.icon)
        val builder = Dataset.Builder(views)
@@ -100,6 +98,12 @@ object AutofillHelper {
            builder.setValue(password, AutofillValue.forText(entryInfo.password))
        }

+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) {
+            inlinePresentation?.let {
+                builder.setInlinePresentation(it)
+            }
+        }
+
        return try {
            builder.build()
        } catch (e: IllegalArgumentException) {
@@ -108,44 +112,116 @@ object AutofillHelper {
        }
    }

+    @RequiresApi(Build.VERSION_CODES.R)
+    @SuppressLint("RestrictedApi")
+    private fun buildInlinePresentationForEntry(context: Context,
+                                                inlineSuggestionsRequest: InlineSuggestionsRequest,
+                                                positionItem: Int,
+                                                entryInfo: EntryInfo): InlinePresentation? {
+        val inlinePresentationSpecs = inlineSuggestionsRequest.inlinePresentationSpecs
+        val maxSuggestion = inlineSuggestionsRequest.maxSuggestionCount
+
+        if (positionItem <= maxSuggestion-1
+                && inlinePresentationSpecs.size > positionItem) {
+            val inlinePresentationSpec = inlinePresentationSpecs[positionItem]
+
+            // Make sure that the IME spec claims support for v1 UI template.
+            val imeStyle = inlinePresentationSpec.style
+            if (!UiVersions.getVersions(imeStyle).contains(UiVersions.INLINE_UI_VERSION_1))
+                return null
+
+            // Build the content for IME UI
+            val pendingIntent = PendingIntent.getActivity(context,
+                    0,
+                    Intent(context, AutofillSettingsActivity::class.java),
+                    0)
+            return InlinePresentation(
+                    InlineSuggestionUi.newContentBuilder(pendingIntent).apply {
+                        setContentDescription(context.getString(R.string.autofill_sign_in_prompt))
+                        setTitle(entryInfo.title)
+                        setSubtitle(entryInfo.username)
+                        setStartIcon(Icon.createWithResource(context, R.mipmap.ic_launcher_round).apply {
+                            setTintBlendMode(BlendMode.DST)
+                        })
+                        buildIconFromEntry(context, entryInfo)?.let { icon ->
+                            setEndIcon(icon.apply {
+                                setTintBlendMode(BlendMode.DST)
+                            })
+                        }
+                    }.build().slice, inlinePresentationSpec, false)
+        }
+        return null
+    }
+
+    fun buildResponse(context: Context,
+                      entriesInfo: List<EntryInfo>,
+                      parseResult: StructureParser.Result,
+                      inlineSuggestionsRequest: InlineSuggestionsRequest?): FillResponse {
+        val responseBuilder = FillResponse.Builder()
+        // Add Header
+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
+            val packageName = context.packageName
+            parseResult.webDomain?.let { webDomain ->
+                responseBuilder.setHeader(RemoteViews(packageName, R.layout.item_autofill_web_domain).apply {
+                    setTextViewText(R.id.autofill_web_domain_text, webDomain)
+                })
+            } ?: kotlin.run {
+                parseResult.applicationId?.let { applicationId ->
+                    responseBuilder.setHeader(RemoteViews(packageName, R.layout.item_autofill_app_id).apply {
+                        setTextViewText(R.id.autofill_app_id_text, applicationId)
+                    })
+                }
+            }
+        }
+        // Add inline suggestion for new IME and dataset
+        entriesInfo.forEachIndexed { index, entryInfo ->
+            val inlinePresentation = inlineSuggestionsRequest?.let {
+                if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) {
+                    buildInlinePresentationForEntry(context, inlineSuggestionsRequest, index, entryInfo)
+                } else {
+                    null
+                }
+            }
+            responseBuilder.addDataset(buildDataset(context, entryInfo, parseResult, inlinePresentation))
+        }
+        return responseBuilder.build()
+    }
+
    /**
     * Build the Autofill response for one entry
     */
-    fun buildResponse(activity: Activity, entryInfo: EntryInfo) {
-        buildResponse(activity, ArrayList<EntryInfo>().apply { add(entryInfo) })
+    fun buildResponseAndSetResult(activity: Activity, entryInfo: EntryInfo) {
+        buildResponseAndSetResult(activity, ArrayList<EntryInfo>().apply { add(entryInfo) })
    }

    /**
     * Build the Autofill response for many entry
     */
-    fun buildResponse(activity: Activity, entriesInfo: List<EntryInfo>) {
+    fun buildResponseAndSetResult(activity: Activity, entriesInfo: List<EntryInfo>) {
        if (entriesInfo.isEmpty()) {
            activity.setResult(Activity.RESULT_CANCELED)
        } else {
            var setResultOk = false
-            activity.intent?.extras?.let { extras ->
-                if (extras.containsKey(ASSIST_STRUCTURE)) {
-                    activity.intent?.getParcelableExtra<AssistStructure>(ASSIST_STRUCTURE)?.let { structure ->
-                        StructureParser(structure).parse()?.let { result ->
-                            // New Response
-                            val responseBuilder = FillResponse.Builder()
-                            entriesInfo.forEach {
-                                responseBuilder.addDataset(buildDataset(activity, it, result))
-                            }
-                            val mReplyIntent = Intent()
-                            Log.d(activity.javaClass.name, "Successed Autofill auth.")
-                            mReplyIntent.putExtra(
-                                    AutofillManager.EXTRA_AUTHENTICATION_RESULT,
-                                    responseBuilder.build())
-                            setResultOk = true
-                            activity.setResult(Activity.RESULT_OK, mReplyIntent)
-                        }
+            activity.intent?.getParcelableExtra<AssistStructure>(EXTRA_ASSIST_STRUCTURE)?.let { structure ->
+                StructureParser(structure).parse()?.let { result ->
+                    // New Response
+                    val inlineSuggestionsRequest = activity.intent?.getParcelableExtra<InlineSuggestionsRequest?>(EXTRA_INLINE_SUGGESTIONS_REQUEST)
+                    val response = buildResponse(activity, entriesInfo, result, inlineSuggestionsRequest)
+                    if (inlineSuggestionsRequest != null) {
+                        Toast.makeText(activity.applicationContext, R.string.autofill_inline_suggestions_keyboard, Toast.LENGTH_SHORT).show()
                    }
+                    val mReplyIntent = Intent()
+                    Log.d(activity.javaClass.name, "Successed Autofill auth.")
+                    mReplyIntent.putExtra(
+                            AutofillManager.EXTRA_AUTHENTICATION_RESULT,
+                            response)
+                    setResultOk = true
+                    activity.setResult(Activity.RESULT_OK, mReplyIntent)
                }
-                if (!setResultOk) {
-                    Log.w(activity.javaClass.name, "Failed Autofill auth.")
-                    activity.setResult(Activity.RESULT_CANCELED)
-                }
+            }
+            if (!setResultOk) {
+                Log.w(activity.javaClass.name, "Failed Autofill auth.")
+                activity.setResult(Activity.RESULT_CANCELED)
            }
        }
    }
@@ -155,10 +231,16 @@ object AutofillHelper {
     */
    fun startActivityForAutofillResult(activity: Activity,
                                       intent: Intent,
-                                       assistStructure: AssistStructure,
+                                       autofillComponent: AutofillComponent,
                                       searchInfo: SearchInfo?) {
        EntrySelectionHelper.addSpecialModeInIntent(intent, SpecialMode.SELECTION)
-        intent.putExtra(ASSIST_STRUCTURE, assistStructure)
+        intent.putExtra(EXTRA_ASSIST_STRUCTURE, autofillComponent.assistStructure)
+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R
+                && PreferencesUtil.isAutofillInlineSuggestionsEnable(activity)) {
+            autofillComponent.inlineSuggestionsRequest?.let {
+                intent.putExtra(EXTRA_INLINE_SUGGESTIONS_REQUEST, it)
+            }
+        }
        EntrySelectionHelper.addSearchInfoInIntent(intent, searchInfo)
        activity.startActivityForResult(intent, AUTOFILL_RESPONSE_REQUEST_CODE)
    }
@@ -192,4 +274,11 @@ object AutofillHelper {
        }
        return presentation
    }
+
+    private fun buildIconFromEntry(context: Context, entryInfo: EntryInfo): Icon? {
+        return createIconFromDatabaseIcon(context,
+                Database.getInstance().drawFactory,
+                entryInfo.icon,
+                ContextCompat.getColor(context, R.color.green))
+    }
 }
--- a/app/src/main/java/com/kunzisoft/keepass/autofill/KeeAutofillService.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/autofill/KeeAutofillService.kt
@@ -19,37 +19,50 @@
 */
 package com.kunzisoft.keepass.autofill

+import android.app.PendingIntent
+import android.content.Intent
+import android.graphics.BlendMode
+import android.graphics.drawable.Icon
 import android.os.Build
 import android.os.CancellationSignal
 import android.service.autofill.*
 import android.util.Log
 import android.view.autofill.AutofillId
+import android.view.inputmethod.InlineSuggestionsRequest
 import android.widget.RemoteViews
 import androidx.annotation.RequiresApi
+import androidx.autofill.inline.UiVersions
+import androidx.autofill.inline.v1.InlineSuggestionUi
 import com.kunzisoft.keepass.R
 import com.kunzisoft.keepass.activities.AutofillLauncherActivity
 import com.kunzisoft.keepass.database.element.Database
 import com.kunzisoft.keepass.database.search.SearchHelper
 import com.kunzisoft.keepass.model.RegisterInfo
 import com.kunzisoft.keepass.model.SearchInfo
+import com.kunzisoft.keepass.settings.AutofillSettingsActivity
 import com.kunzisoft.keepass.settings.PreferencesUtil
-import com.kunzisoft.keepass.utils.UriUtil
 import java.util.concurrent.atomic.AtomicBoolean

+
@RequiresApi(api = Build.VERSION_CODES.O)
 class KeeAutofillService : AutofillService() {

    var applicationIdBlocklist: Set<String>? = null
    var webDomainBlocklist: Set<String>? = null
    var askToSaveData: Boolean = false
+    var autofillInlineSuggestionsEnabled: Boolean = false
    private var mLock = AtomicBoolean()

    override fun onCreate() {
        super.onCreate()
+        getPreferences()
+    }

+    private fun getPreferences() {
        applicationIdBlocklist = PreferencesUtil.applicationIdBlocklist(this)
        webDomainBlocklist = PreferencesUtil.webDomainBlocklist(this)
-        askToSaveData = PreferencesUtil.askToSaveAutofillData(this) // TODO apply when changed
+        askToSaveData = PreferencesUtil.askToSaveAutofillData(this)
+        autofillInlineSuggestionsEnabled = PreferencesUtil.isAutofillInlineSuggestionsEnable(this)
    }

    override fun onFillRequest(request: FillRequest,
@@ -75,7 +88,16 @@ class KeeAutofillService : AutofillService() {
                    }
                    SearchInfo.getConcreteWebDomain(this, searchInfo.webDomain) { webDomainWithoutSubDomain ->
                        searchInfo.webDomain = webDomainWithoutSubDomain
-                        launchSelection(searchInfo, parseResult, callback)
+                        val inlineSuggestionsRequest = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R
+                                && autofillInlineSuggestionsEnabled) {
+                            request.inlineSuggestionsRequest
+                        } else {
+                            null
+                        }
+                        launchSelection(searchInfo,
+                                parseResult,
+                                inlineSuggestionsRequest,
+                                callback)
                    }
                }
            }
@@ -84,39 +106,40 @@ class KeeAutofillService : AutofillService() {

    private fun launchSelection(searchInfo: SearchInfo,
                                parseResult: StructureParser.Result,
+                                inlineSuggestionsRequest: InlineSuggestionsRequest?,
                                callback: FillCallback) {
        SearchHelper.checkAutoSearchInfo(this,
                Database.getInstance(),
                searchInfo,
                { items ->
-                    val responseBuilder = FillResponse.Builder()
-                    AutofillHelper.addHeader(responseBuilder, packageName,
-                            parseResult.webDomain, parseResult.applicationId)
-                    items.forEach {
-                        responseBuilder.addDataset(AutofillHelper.buildDataset(this, it, parseResult))
-                    }
-                    callback.onSuccess(responseBuilder.build())
+                    callback.onSuccess(
+                            AutofillHelper.buildResponse(this,
+                                    items, parseResult, inlineSuggestionsRequest)
+                    )
                },
                {
                    // Show UI if no search result
-                    showUIForEntrySelection(parseResult, searchInfo, callback)
+                    showUIForEntrySelection(parseResult,
+                            searchInfo, inlineSuggestionsRequest, callback)
                },
                {
                    // Show UI if database not open
-                    showUIForEntrySelection(parseResult, searchInfo, callback)
+                    showUIForEntrySelection(parseResult,
+                            searchInfo, inlineSuggestionsRequest, callback)
                }
        )
    }

    private fun showUIForEntrySelection(parseResult: StructureParser.Result,
                                        searchInfo: SearchInfo,
+                                        inlineSuggestionsRequest: InlineSuggestionsRequest?,
                                        callback: FillCallback) {
        parseResult.allAutofillIds().let { autofillIds ->
            if (autofillIds.isNotEmpty()) {
                // If the entire Autofill Response is authenticated, AuthActivity is used
                // to generate Response.
                val intentSender = AutofillLauncherActivity.getAuthIntentSenderForSelection(this,
-                        searchInfo)
+                        searchInfo, inlineSuggestionsRequest)
                val responseBuilder = FillResponse.Builder()
                val remoteViewsUnlock: RemoteViews = if (!parseResult.webDomain.isNullOrEmpty()) {
                    RemoteViews(packageName, R.layout.item_autofill_unlock_web_domain).apply {
@@ -149,8 +172,45 @@ class KeeAutofillService : AutofillService() {
                        )
                    }
                }
+
+                // Build inline presentation
+                var inlinePresentation: InlinePresentation? = null
+                if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R
+                        && autofillInlineSuggestionsEnabled) {
+                    inlineSuggestionsRequest?.let {
+                        val inlinePresentationSpecs = inlineSuggestionsRequest.inlinePresentationSpecs
+                        if (inlineSuggestionsRequest.maxSuggestionCount > 0
+                                && inlinePresentationSpecs.size > 0) {
+                            val inlinePresentationSpec = inlinePresentationSpecs[0]
+
+                            // Make sure that the IME spec claims support for v1 UI template.
+                            val imeStyle = inlinePresentationSpec.style
+                            if (UiVersions.getVersions(imeStyle).contains(UiVersions.INLINE_UI_VERSION_1)) {
+                                // Build the content for IME UI
+                                inlinePresentation = InlinePresentation(
+                                        InlineSuggestionUi.newContentBuilder(
+                                                PendingIntent.getActivity(this,
+                                                        0,
+                                                        Intent(this, AutofillSettingsActivity::class.java),
+                                                        0)
+                                        ).apply {
+                                            setContentDescription(getString(R.string.autofill_sign_in_prompt))
+                                            setTitle(getString(R.string.autofill_sign_in_prompt))
+                                            setStartIcon(Icon.createWithResource(this@KeeAutofillService, R.mipmap.ic_launcher_round).apply {
+                                                setTintBlendMode(BlendMode.DST)
+                                            })
+                                        }.build().slice, inlinePresentationSpec, false)
+                            }
+                        }
+                    }
+                }
+
                // Build response
-                responseBuilder.setAuthentication(autofillIds, intentSender, remoteViewsUnlock)
+                if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) {
+                    responseBuilder.setAuthentication(autofillIds, intentSender, remoteViewsUnlock, inlinePresentation)
+                } else {
+                    responseBuilder.setAuthentication(autofillIds, intentSender, remoteViewsUnlock)
+                }
                callback.onSuccess(responseBuilder.build())
            }
        }
@@ -190,6 +250,7 @@ class KeeAutofillService : AutofillService() {

    override fun onConnected() {
        Log.d(TAG, "onConnected")
+        getPreferences()
    }

    override fun onDisconnected() {
--- a/app/src/main/java/com/kunzisoft/keepass/autofill/StructureParser.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/autofill/StructureParser.kt
@@ -33,7 +33,7 @@ import java.util.*
 * Parse AssistStructure and guess username and password fields.
 */
@RequiresApi(api = Build.VERSION_CODES.O)
-internal class StructureParser(private val structure: AssistStructure) {
+class StructureParser(private val structure: AssistStructure) {
    private var result: Result? = null

    private var usernameNeeded = true
@@ -274,7 +274,7 @@ internal class StructureParser(private val structure: AssistStructure) {
    }

    @RequiresApi(api = Build.VERSION_CODES.O)
-    internal class Result {
+    class Result {
        var applicationId: String? = null

        var webDomain: String? = null
--- a/app/src/main/java/com/kunzisoft/keepass/biometric/AdvancedUnlockCryptoPrompt.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/biometric/AdvancedUnlockCryptoPrompt.kt
@@ -0,0 +1,10 @@
+package com.kunzisoft.keepass.biometric
+
+import androidx.annotation.StringRes
+import javax.crypto.Cipher
+
+data class AdvancedUnlockCryptoPrompt(var cipher: Cipher,
+                                      @StringRes var promptTitleId: Int,
+                                      @StringRes var promptDescriptionId: Int? = null,
+                                      var isDeviceCredentialOperation: Boolean,
+                                      var isBiometricOperation: Boolean)
--- a/app/src/main/java/com/kunzisoft/keepass/biometric/AdvancedUnlockFragment.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/biometric/AdvancedUnlockFragment.kt
@@ -0,0 +1,628 @@
+/*
+ * Copyright 2020 Jeremy Jamet / Kunzisoft.
+ *
+ * This file is part of KeePassDX.
+ *
+ *  KeePassDX is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  KeePassDX is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with KeePassDX.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+package com.kunzisoft.keepass.biometric
+
+import android.content.Context
+import android.content.Intent
+import android.net.Uri
+import android.os.Build
+import android.os.Bundle
+import android.provider.Settings
+import android.util.Log
+import android.view.*
+import androidx.annotation.RequiresApi
+import androidx.biometric.BiometricManager
+import androidx.biometric.BiometricPrompt
+import com.getkeepsafe.taptargetview.TapTargetView
+import com.kunzisoft.keepass.R
+import com.kunzisoft.keepass.activities.stylish.StylishFragment
+import com.kunzisoft.keepass.app.database.CipherDatabaseAction
+import com.kunzisoft.keepass.database.exception.IODatabaseException
+import com.kunzisoft.keepass.education.PasswordActivityEducation
+import com.kunzisoft.keepass.notifications.AdvancedUnlockNotificationService
+import com.kunzisoft.keepass.settings.PreferencesUtil
+import com.kunzisoft.keepass.view.AdvancedUnlockInfoView
+
+class AdvancedUnlockFragment: StylishFragment(), AdvancedUnlockManager.AdvancedUnlockCallback {
+
+    private var mBuilderListener: BuilderListener? = null
+
+    private var mAdvancedUnlockEnabled = false
+    private var mAutoOpenPromptEnabled = false
+
+    private var advancedUnlockManager: AdvancedUnlockManager? = null
+    private var biometricMode: Mode = Mode.BIOMETRIC_UNAVAILABLE
+    private var mAdvancedUnlockInfoView: AdvancedUnlockInfoView? = null
+
+    var databaseFileUri: Uri? = null
+        private set
+
+    /**
+     * Manage setting to auto open biometric prompt
+     */
+    private var mAutoOpenPrompt: Boolean = false
+        get() {
+            return field && mAutoOpenPromptEnabled
+        }
+
+    // Variable to check if the prompt can be open (if the right activity is currently shown)
+    // checkBiometricAvailability() allows open biometric prompt and onDestroy() removes the authorization
+    private var allowOpenBiometricPrompt = false
+
+    private lateinit var cipherDatabaseAction : CipherDatabaseAction
+
+    private var cipherDatabaseListener: CipherDatabaseAction.DatabaseListener? = null
+
+    // Only to fix multiple fingerprint menu #332
+    private var mAllowAdvancedUnlockMenu = false
+    private var mAddBiometricMenuInProgress = false
+
+    // Only keep connection when we request a device credential activity
+    private var keepConnection = false
+
+    override fun onAttach(context: Context) {
+        super.onAttach(context)
+
+        mAdvancedUnlockEnabled = PreferencesUtil.isAdvancedUnlockEnable(context)
+        mAutoOpenPromptEnabled = PreferencesUtil.isAdvancedUnlockPromptAutoOpenEnable(context)
+        try {
+            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
+                mBuilderListener = context as BuilderListener
+            }
+        } catch (e: ClassCastException) {
+            throw ClassCastException(context.toString()
+                    + " must implement " + BuilderListener::class.java.name)
+        }
+    }
+
+    override fun onCreate(savedInstanceState: Bundle?) {
+        super.onCreate(savedInstanceState)
+
+        retainInstance = true
+        setHasOptionsMenu(true)
+
+        cipherDatabaseAction = CipherDatabaseAction.getInstance(requireContext().applicationContext)
+    }
+
+    override fun onCreateView(inflater: LayoutInflater, container: ViewGroup?, savedInstanceState: Bundle?): View? {
+        super.onCreateView(inflater, container, savedInstanceState)
+
+        val rootView = inflater.cloneInContext(contextThemed)
+                .inflate(R.layout.fragment_advanced_unlock, container, false)
+
+        mAdvancedUnlockInfoView = rootView.findViewById(R.id.advanced_unlock_view)
+
+        return rootView
+    }
+
+    private data class ActivityResult(var requestCode: Int, var resultCode: Int, var data: Intent?)
+    private var activityResult: ActivityResult? = null
+
+    override fun onActivityResult(requestCode: Int, resultCode: Int, data: Intent?) {
+        // To wait resume
+        if (keepConnection) {
+            activityResult = ActivityResult(requestCode, resultCode, data)
+        }
+        keepConnection = false
+    }
+
+    override fun onResume() {
+        super.onResume()
+        mAdvancedUnlockEnabled = PreferencesUtil.isAdvancedUnlockEnable(requireContext())
+        mAutoOpenPromptEnabled = PreferencesUtil.isAdvancedUnlockPromptAutoOpenEnable(requireContext())
+        keepConnection = false
+    }
+
+    override fun onCreateOptionsMenu(menu: Menu, inflater: MenuInflater) {
+        super.onCreateOptionsMenu(menu, inflater)
+
+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
+            // biometric menu
+            if (mAllowAdvancedUnlockMenu)
+                inflater.inflate(R.menu.advanced_unlock, menu)
+        }
+    }
+
+    override fun onOptionsItemSelected(item: MenuItem): Boolean {
+        when (item.itemId) {
+            R.id.menu_keystore_remove_key -> if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
+                deleteEncryptedDatabaseKey()
+            }
+        }
+
+        return super.onOptionsItemSelected(item)
+    }
+
+    fun loadDatabase(databaseUri: Uri?, autoOpenPrompt: Boolean) {
+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
+            // To get device credential unlock result, only if same database uri
+            if (databaseUri != null
+                    && mAdvancedUnlockEnabled) {
+                activityResult?.let {
+                    if (databaseUri == databaseFileUri) {
+                        advancedUnlockManager?.onActivityResult(it.requestCode, it.resultCode)
+                    } else {
+                        disconnect()
+                    }
+                } ?: run {
+                    connect(databaseUri)
+                    this.mAutoOpenPrompt = autoOpenPrompt
+                }
+            } else {
+                disconnect()
+            }
+            activityResult = null
+        }
+    }
+
+    /**
+     * Check unlock availability and change the current mode depending of device's state
+     */
+    fun checkUnlockAvailability() {
+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
+            allowOpenBiometricPrompt = true
+            if (PreferencesUtil.isBiometricUnlockEnable(requireContext())) {
+                mAdvancedUnlockInfoView?.setIconResource(R.drawable.fingerprint)
+
+                // biometric not supported (by API level or hardware) so keep option hidden
+                // or manually disable
+                val biometricCanAuthenticate = AdvancedUnlockManager.canAuthenticate(requireContext())
+                if (!PreferencesUtil.isAdvancedUnlockEnable(requireContext())
+                        || biometricCanAuthenticate == BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE
+                        || biometricCanAuthenticate == BiometricManager.BIOMETRIC_ERROR_NO_HARDWARE) {
+                    toggleMode(Mode.BIOMETRIC_UNAVAILABLE)
+                } else if (biometricCanAuthenticate == BiometricManager.BIOMETRIC_ERROR_SECURITY_UPDATE_REQUIRED) {
+                    toggleMode(Mode.BIOMETRIC_SECURITY_UPDATE_REQUIRED)
+                } else {
+                    // biometric is available but not configured, show icon but in disabled state with some information
+                    if (biometricCanAuthenticate == BiometricManager.BIOMETRIC_ERROR_NONE_ENROLLED) {
+                        toggleMode(Mode.DEVICE_CREDENTIAL_OR_BIOMETRIC_NOT_CONFIGURED)
+                    } else {
+                        selectMode()
+                    }
+                }
+            } else if (PreferencesUtil.isDeviceCredentialUnlockEnable(requireContext())) {
+                mAdvancedUnlockInfoView?.setIconResource(R.drawable.bolt)
+                if (AdvancedUnlockManager.isDeviceSecure(requireContext())) {
+                    selectMode()
+                } else {
+                    toggleMode(Mode.DEVICE_CREDENTIAL_OR_BIOMETRIC_NOT_CONFIGURED)
+                }
+            }
+        }
+    }
+
+    @RequiresApi(Build.VERSION_CODES.M)
+    private fun selectMode() {
+        // Check if fingerprint well init (be called the first time the fingerprint is configured
+        // and the activity still active)
+        if (advancedUnlockManager?.isKeyManagerInitialized != true) {
+            advancedUnlockManager = AdvancedUnlockManager { requireActivity() }
+            // callback for fingerprint findings
+            advancedUnlockManager?.advancedUnlockCallback = this
+        }
+        // Recheck to change the mode
+        if (advancedUnlockManager?.isKeyManagerInitialized != true) {
+            toggleMode(Mode.KEY_MANAGER_UNAVAILABLE)
+        } else {
+            if (mBuilderListener?.conditionToStoreCredential() == true) {
+                // listen for encryption
+                toggleMode(Mode.STORE_CREDENTIAL)
+            } else {
+                databaseFileUri?.let { databaseUri ->
+                    cipherDatabaseAction.containsCipherDatabase(databaseUri) { containsCipher ->
+                        // biometric available but no stored password found yet for this DB so show info don't listen
+                        toggleMode(if (containsCipher) {
+                            // listen for decryption
+                            Mode.EXTRACT_CREDENTIAL
+                        } else {
+                            // wait for typing
+                            Mode.WAIT_CREDENTIAL
+                        })
+                    }
+                }
+            }
+        }
+    }
+
+    @RequiresApi(Build.VERSION_CODES.M)
+    private fun toggleMode(newBiometricMode: Mode) {
+        if (newBiometricMode != biometricMode) {
+            biometricMode = newBiometricMode
+            initAdvancedUnlockMode()
+        }
+    }
+
+    @RequiresApi(Build.VERSION_CODES.M)
+    private fun initNotAvailable() {
+        showViews(false)
+
+        mAdvancedUnlockInfoView?.setIconViewClickListener(false, null)
+    }
+
+    @RequiresApi(Build.VERSION_CODES.M)
+    private fun openBiometricSetting() {
+        mAdvancedUnlockInfoView?.setIconViewClickListener(false) {
+            // ACTION_SECURITY_SETTINGS does not contain fingerprint enrollment on some devices...
+            requireContext().startActivity(Intent(Settings.ACTION_SETTINGS))
+        }
+    }
+
+    @RequiresApi(Build.VERSION_CODES.M)
+    private fun initSecurityUpdateRequired() {
+        showViews(true)
+        setAdvancedUnlockedTitleView(R.string.biometric_security_update_required)
+
+        openBiometricSetting()
+    }
+
+    @RequiresApi(Build.VERSION_CODES.M)
+    private fun initNotConfigured() {
+        showViews(true)
+        setAdvancedUnlockedTitleView(R.string.configure_biometric)
+        setAdvancedUnlockedMessageView("")
+
+        openBiometricSetting()
+    }
+
+    @RequiresApi(Build.VERSION_CODES.M)
+    private fun initKeyManagerNotAvailable() {
+        showViews(true)
+        setAdvancedUnlockedTitleView(R.string.keystore_not_accessible)
+
+        openBiometricSetting()
+    }
+
+    @RequiresApi(Build.VERSION_CODES.M)
+    private fun initWaitData() {
+        showViews(true)
+        setAdvancedUnlockedTitleView(R.string.no_credentials_stored)
+        setAdvancedUnlockedMessageView("")
+
+        mAdvancedUnlockInfoView?.setIconViewClickListener(false) {
+            onAuthenticationError(BiometricPrompt.ERROR_UNABLE_TO_PROCESS,
+                    requireContext().getString(R.string.credential_before_click_advanced_unlock_button))
+        }
+    }
+
+    @RequiresApi(Build.VERSION_CODES.M)
+    private fun openAdvancedUnlockPrompt(cryptoPrompt: AdvancedUnlockCryptoPrompt) {
+        activity?.runOnUiThread {
+            if (allowOpenBiometricPrompt) {
+                if (cryptoPrompt.isDeviceCredentialOperation)
+                    keepConnection = true
+                try {
+                    advancedUnlockManager?.openAdvancedUnlockPrompt(cryptoPrompt)
+                } catch (e: Exception) {
+                    Log.e(TAG, "Unable to open advanced unlock prompt", e)
+                    setAdvancedUnlockedTitleView(R.string.advanced_unlock_prompt_not_initialized)
+                }
+            }
+        }
+    }
+
+    @RequiresApi(Build.VERSION_CODES.M)
+    private fun initEncryptData() {
+        showViews(true)
+        setAdvancedUnlockedTitleView(R.string.open_advanced_unlock_prompt_store_credential)
+        setAdvancedUnlockedMessageView("")
+
+        advancedUnlockManager?.initEncryptData { cryptoPrompt ->
+            // Set listener to open the biometric dialog and save credential
+            mAdvancedUnlockInfoView?.setIconViewClickListener { _ ->
+                openAdvancedUnlockPrompt(cryptoPrompt)
+            }
+        } ?: throw Exception("AdvancedUnlockManager not initialized")
+    }
+
+    @RequiresApi(Build.VERSION_CODES.M)
+    private fun initDecryptData() {
+        showViews(true)
+        setAdvancedUnlockedTitleView(R.string.open_advanced_unlock_prompt_unlock_database)
+        setAdvancedUnlockedMessageView("")
+
+        advancedUnlockManager?.let { unlockHelper ->
+            databaseFileUri?.let { databaseUri ->
+                cipherDatabaseAction.getCipherDatabase(databaseUri) { cipherDatabase ->
+                    cipherDatabase?.let {
+                        unlockHelper.initDecryptData(it.specParameters) { cryptoPrompt ->
+
+                            // Set listener to open the biometric dialog and check credential
+                            mAdvancedUnlockInfoView?.setIconViewClickListener { _ ->
+                                openAdvancedUnlockPrompt(cryptoPrompt)
+                            }
+
+                            // Auto open the biometric prompt
+                            if (mAutoOpenPrompt) {
+                                mAutoOpenPrompt = false
+                                openAdvancedUnlockPrompt(cryptoPrompt)
+                            }
+                        }
+                    } ?: deleteEncryptedDatabaseKey()
+                }
+            } ?: throw IODatabaseException()
+        } ?: throw Exception("AdvancedUnlockManager not initialized")
+    }
+
+    @Synchronized
+    fun initAdvancedUnlockMode() {
+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
+            mAllowAdvancedUnlockMenu = false
+            try {
+                when (biometricMode) {
+                    Mode.BIOMETRIC_UNAVAILABLE -> initNotAvailable()
+                    Mode.BIOMETRIC_SECURITY_UPDATE_REQUIRED -> initSecurityUpdateRequired()
+                    Mode.DEVICE_CREDENTIAL_OR_BIOMETRIC_NOT_CONFIGURED -> initNotConfigured()
+                    Mode.KEY_MANAGER_UNAVAILABLE -> initKeyManagerNotAvailable()
+                    Mode.WAIT_CREDENTIAL -> initWaitData()
+                    Mode.STORE_CREDENTIAL -> initEncryptData()
+                    Mode.EXTRACT_CREDENTIAL -> initDecryptData()
+                }
+            } catch (e: Exception) {
+                onGenericException(e)
+            }
+            invalidateBiometricMenu()
+        }
+    }
+
+    private fun invalidateBiometricMenu() {
+        // Show fingerprint key deletion
+        if (!mAddBiometricMenuInProgress) {
+            mAddBiometricMenuInProgress = true
+            databaseFileUri?.let { databaseUri ->
+                cipherDatabaseAction.containsCipherDatabase(databaseUri) { containsCipher ->
+                    mAllowAdvancedUnlockMenu = containsCipher
+                            && (biometricMode != Mode.BIOMETRIC_UNAVAILABLE
+                            && biometricMode != Mode.KEY_MANAGER_UNAVAILABLE)
+                    mAddBiometricMenuInProgress = false
+                    activity?.invalidateOptionsMenu()
+                }
+            }
+        }
+    }
+
+    @RequiresApi(Build.VERSION_CODES.M)
+    fun connect(databaseUri: Uri) {
+        showViews(true)
+        this.databaseFileUri = databaseUri
+        cipherDatabaseListener = object: CipherDatabaseAction.DatabaseListener {
+            override fun onDatabaseCleared() {
+                deleteEncryptedDatabaseKey()
+            }
+        }
+        cipherDatabaseAction.apply {
+            reloadPreferences()
+            cipherDatabaseListener?.let {
+                registerDatabaseListener(it)
+            }
+        }
+        checkUnlockAvailability()
+    }
+
+    @RequiresApi(Build.VERSION_CODES.M)
+    fun disconnect(hideViews: Boolean = true,
+                   closePrompt: Boolean = true) {
+        this.databaseFileUri = null
+        // Close the biometric prompt
+        allowOpenBiometricPrompt = false
+        if (closePrompt)
+            advancedUnlockManager?.closeBiometricPrompt()
+        cipherDatabaseListener?.let {
+            cipherDatabaseAction.unregisterDatabaseListener(it)
+        }
+        biometricMode = Mode.BIOMETRIC_UNAVAILABLE
+        if (hideViews) {
+            showViews(false)
+        }
+    }
+
+    @RequiresApi(Build.VERSION_CODES.M)
+    fun deleteEncryptedDatabaseKey() {
+        allowOpenBiometricPrompt = false
+        mAdvancedUnlockInfoView?.setIconViewClickListener(false, null)
+        advancedUnlockManager?.closeBiometricPrompt()
+        databaseFileUri?.let { databaseUri ->
+            cipherDatabaseAction.deleteByDatabaseUri(databaseUri) {
+                checkUnlockAvailability()
+            }
+        }
+    }
+
+    override fun onAuthenticationError(errorCode: Int, errString: CharSequence) {
+        activity?.runOnUiThread {
+            Log.e(TAG, "Biometric authentication error. Code : $errorCode Error : $errString")
+            setAdvancedUnlockedMessageView(errString.toString())
+        }
+    }
+
+    @RequiresApi(Build.VERSION_CODES.M)
+    override fun onAuthenticationFailed() {
+        activity?.runOnUiThread {
+            Log.e(TAG, "Biometric authentication failed, biometric not recognized")
+            setAdvancedUnlockedMessageView(R.string.advanced_unlock_not_recognized)
+        }
+    }
+
+    @RequiresApi(Build.VERSION_CODES.M)
+    override fun onAuthenticationSucceeded() {
+        activity?.runOnUiThread {
+            when (biometricMode) {
+                Mode.BIOMETRIC_UNAVAILABLE -> {
+                }
+                Mode.BIOMETRIC_SECURITY_UPDATE_REQUIRED -> {
+                }
+                Mode.DEVICE_CREDENTIAL_OR_BIOMETRIC_NOT_CONFIGURED -> {
+                }
+                Mode.KEY_MANAGER_UNAVAILABLE -> {
+                }
+                Mode.WAIT_CREDENTIAL -> {
+                }
+                Mode.STORE_CREDENTIAL -> {
+                    // newly store the entered password in encrypted way
+                    mBuilderListener?.retrieveCredentialForEncryption()?.let { credential ->
+                        advancedUnlockManager?.encryptData(credential)
+                    }
+                    AdvancedUnlockNotificationService.startServiceForTimeout(requireContext())
+                }
+                Mode.EXTRACT_CREDENTIAL -> {
+                    // retrieve the encrypted value from preferences
+                    databaseFileUri?.let { databaseUri ->
+                        cipherDatabaseAction.getCipherDatabase(databaseUri) { cipherDatabase ->
+                            cipherDatabase?.encryptedValue?.let { value ->
+                                advancedUnlockManager?.decryptData(value)
+                            } ?: deleteEncryptedDatabaseKey()
+                        }
+                    } ?: run {
+                        onAuthenticationError(-1, getString(R.string.error_database_uri_null))
+                    }
+                }
+            }
+        }
+    }
+
+    override fun handleEncryptedResult(encryptedValue: String, ivSpec: String) {
+        databaseFileUri?.let { databaseUri ->
+            mBuilderListener?.onCredentialEncrypted(databaseUri, encryptedValue, ivSpec)
+        }
+    }
+
+    override fun handleDecryptedResult(decryptedValue: String) {
+        // Load database directly with password retrieve
+        databaseFileUri?.let {
+            mBuilderListener?.onCredentialDecrypted(it, decryptedValue)
+        }
+    }
+
+    @RequiresApi(Build.VERSION_CODES.M)
+    override fun onInvalidKeyException(e: Exception) {
+        setAdvancedUnlockedMessageView(R.string.advanced_unlock_invalid_key)
+    }
+
+    override fun onGenericException(e: Exception) {
+        val errorMessage = e.cause?.localizedMessage ?: e.localizedMessage ?: ""
+        setAdvancedUnlockedMessageView(errorMessage)
+    }
+
+    private fun showViews(show: Boolean) {
+        activity?.runOnUiThread {
+            mAdvancedUnlockInfoView?.visibility = if (show)
+                View.VISIBLE
+            else {
+                View.GONE
+            }
+        }
+    }
+
+    @RequiresApi(Build.VERSION_CODES.M)
+    private fun setAdvancedUnlockedTitleView(textId: Int) {
+        activity?.runOnUiThread {
+            mAdvancedUnlockInfoView?.setTitle(textId)
+        }
+    }
+
+    @RequiresApi(Build.VERSION_CODES.M)
+    private fun setAdvancedUnlockedMessageView(textId: Int) {
+        activity?.runOnUiThread {
+            mAdvancedUnlockInfoView?.setMessage(textId)
+        }
+    }
+
+    private fun setAdvancedUnlockedMessageView(text: CharSequence) {
+        activity?.runOnUiThread {
+            mAdvancedUnlockInfoView?.message = text
+        }
+    }
+
+    fun performEducation(passwordActivityEducation: PasswordActivityEducation,
+                         readOnlyEducationPerformed: Boolean,
+                         onEducationViewClick: ((TapTargetView?) -> Unit)? = null,
+                         onOuterViewClick: ((TapTargetView?) -> Unit)? = null) {
+        try {
+            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M
+                    && !readOnlyEducationPerformed) {
+                val biometricCanAuthenticate = AdvancedUnlockManager.canAuthenticate(requireContext())
+                PreferencesUtil.isAdvancedUnlockEnable(requireContext())
+                        && (biometricCanAuthenticate == BiometricManager.BIOMETRIC_ERROR_NONE_ENROLLED
+                        || biometricCanAuthenticate == BiometricManager.BIOMETRIC_SUCCESS)
+                        && mAdvancedUnlockInfoView != null && mAdvancedUnlockInfoView?.visibility == View.VISIBLE
+                        && mAdvancedUnlockInfoView?.unlockIconImageView != null
+                        && passwordActivityEducation.checkAndPerformedBiometricEducation(mAdvancedUnlockInfoView!!.unlockIconImageView!!,
+                        onEducationViewClick,
+                        onOuterViewClick)
+            }
+        } catch (ignored: Exception) {}
+    }
+
+    enum class Mode {
+        BIOMETRIC_UNAVAILABLE,
+        BIOMETRIC_SECURITY_UPDATE_REQUIRED,
+        DEVICE_CREDENTIAL_OR_BIOMETRIC_NOT_CONFIGURED,
+        KEY_MANAGER_UNAVAILABLE,
+        WAIT_CREDENTIAL,
+        STORE_CREDENTIAL,
+        EXTRACT_CREDENTIAL
+    }
+
+    interface BuilderListener {
+        fun retrieveCredentialForEncryption(): String
+        fun conditionToStoreCredential(): Boolean
+        fun onCredentialEncrypted(databaseUri: Uri, encryptedCredential: String, ivSpec: String)
+        fun onCredentialDecrypted(databaseUri: Uri, decryptedCredential: String)
+    }
+
+    override fun onPause() {
+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
+            if (!keepConnection) {
+                // If close prompt, bug "user not authenticated in Android R"
+                disconnect(false)
+                advancedUnlockManager = null
+            }
+        }
+
+        super.onPause()
+    }
+
+    override fun onDestroyView() {
+        mAdvancedUnlockInfoView = null
+
+        super.onDestroyView()
+    }
+
+    override fun onDestroy() {
+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
+            disconnect()
+            advancedUnlockManager = null
+            mBuilderListener = null
+        }
+
+        super.onDestroy()
+    }
+
+    override fun onDetach() {
+        mBuilderListener = null
+
+        super.onDetach()
+    }
+
+    companion object {
+
+        private val TAG = AdvancedUnlockFragment::class.java.name
+    }
+}
--- a/app/src/main/java/com/kunzisoft/keepass/biometric/AdvancedUnlockManager.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/biometric/AdvancedUnlockManager.kt
@@ -0,0 +1,465 @@
+/*
+ * Copyright 2020 Jeremy Jamet / Kunzisoft.
+ *
+ * This file is part of KeePassDX.
+ *
+ *  KeePassDX is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  KeePassDX is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with KeePassDX.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+package com.kunzisoft.keepass.biometric
+
+import android.app.Activity
+import android.app.KeyguardManager
+import android.content.Context
+import android.os.Build
+import android.security.keystore.KeyGenParameterSpec
+import android.security.keystore.KeyPermanentlyInvalidatedException
+import android.security.keystore.KeyProperties
+import android.util.Base64
+import android.util.Log
+import androidx.annotation.RequiresApi
+import androidx.biometric.BiometricManager
+import androidx.biometric.BiometricManager.Authenticators.*
+import androidx.biometric.BiometricPrompt
+import androidx.core.content.ContextCompat
+import androidx.fragment.app.FragmentActivity
+import com.kunzisoft.keepass.R
+import com.kunzisoft.keepass.settings.PreferencesUtil
+import java.security.KeyStore
+import java.security.UnrecoverableKeyException
+import java.util.concurrent.Executors
+import javax.crypto.BadPaddingException
+import javax.crypto.Cipher
+import javax.crypto.KeyGenerator
+import javax.crypto.SecretKey
+import javax.crypto.spec.IvParameterSpec
+
+@RequiresApi(api = Build.VERSION_CODES.M)
+class AdvancedUnlockManager(private var retrieveContext: () -> FragmentActivity) {
+
+    private var keyStore: KeyStore? = null
+    private var keyGenerator: KeyGenerator? = null
+    private var cipher: Cipher? = null
+
+    private var biometricPrompt: BiometricPrompt? = null
+    private var authenticationCallback = object: BiometricPrompt.AuthenticationCallback() {
+        override fun onAuthenticationSucceeded(result: BiometricPrompt.AuthenticationResult) {
+            advancedUnlockCallback?.onAuthenticationSucceeded()
+        }
+
+        override fun onAuthenticationFailed() {
+            advancedUnlockCallback?.onAuthenticationFailed()
+        }
+
+        override fun onAuthenticationError(errorCode: Int, errString: CharSequence) {
+            advancedUnlockCallback?.onAuthenticationError(errorCode, errString)
+        }
+    }
+
+    var advancedUnlockCallback: AdvancedUnlockCallback? = null
+
+    private var isKeyManagerInit = false
+
+    private val biometricUnlockEnable = PreferencesUtil.isBiometricUnlockEnable(retrieveContext())
+    private val deviceCredentialUnlockEnable = PreferencesUtil.isDeviceCredentialUnlockEnable(retrieveContext())
+
+    val isKeyManagerInitialized: Boolean
+        get() {
+            if (!isKeyManagerInit) {
+                advancedUnlockCallback?.onGenericException(Exception("Biometric not initialized"))
+            }
+            return isKeyManagerInit
+        }
+
+    private fun isBiometricOperation(): Boolean {
+        return biometricUnlockEnable || isDeviceCredentialBiometricOperation()
+    }
+
+    // Since Android 30, device credential is also a biometric operation
+    private fun isDeviceCredentialOperation(): Boolean {
+        return Build.VERSION.SDK_INT < Build.VERSION_CODES.R
+                && deviceCredentialUnlockEnable
+    }
+
+    private fun isDeviceCredentialBiometricOperation(): Boolean {
+        return Build.VERSION.SDK_INT >= Build.VERSION_CODES.R
+                && deviceCredentialUnlockEnable
+    }
+
+    init {
+        if (isDeviceSecure(retrieveContext())
+                && (biometricUnlockEnable || deviceCredentialUnlockEnable)) {
+            try {
+                this.keyStore = KeyStore.getInstance(ADVANCED_UNLOCK_KEYSTORE)
+                this.keyGenerator = KeyGenerator.getInstance(ADVANCED_UNLOCK_KEY_ALGORITHM, ADVANCED_UNLOCK_KEYSTORE)
+                this.cipher = Cipher.getInstance(
+                        ADVANCED_UNLOCK_KEY_ALGORITHM + "/"
+                                + ADVANCED_UNLOCK_BLOCKS_MODES + "/"
+                                + ADVANCED_UNLOCK_ENCRYPTION_PADDING)
+                isKeyManagerInit = (keyStore != null
+                        && keyGenerator != null
+                        && cipher != null)
+            } catch (e: Exception) {
+                Log.e(TAG, "Unable to initialize the keystore", e)
+                isKeyManagerInit = false
+                advancedUnlockCallback?.onGenericException(e)
+            }
+        } else {
+            // really not much to do when no fingerprint support found
+            isKeyManagerInit = false
+        }
+    }
+
+    private fun getSecretKey(): SecretKey? {
+        if (!isKeyManagerInitialized) {
+            return null
+        }
+        try {
+            // Create new key if needed
+            keyStore?.let { keyStore ->
+                keyStore.load(null)
+
+                try {
+                    if (!keyStore.containsAlias(ADVANCED_UNLOCK_KEYSTORE_KEY)) {
+                        // Set the alias of the entry in Android KeyStore where the key will appear
+                        // and the constrains (purposes) in the constructor of the Builder
+                        keyGenerator?.init(
+                                KeyGenParameterSpec.Builder(
+                                        ADVANCED_UNLOCK_KEYSTORE_KEY,
+                                        KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT)
+                                        .setBlockModes(KeyProperties.BLOCK_MODE_CBC)
+                                        .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
+                                        // Require the user to authenticate with a fingerprint to authorize every use
+                                        // of the key, don't use it for device credential because it's the user authentication
+                                        .apply {
+                                            if (biometricUnlockEnable) {
+                                                setUserAuthenticationRequired(true)
+                                            }
+                                        }
+                                        .build())
+                        keyGenerator?.generateKey()
+                    }
+                } catch (e: Exception) {
+                    Log.e(TAG, "Unable to create a key in keystore", e)
+                    advancedUnlockCallback?.onGenericException(e)
+                }
+
+                return keyStore.getKey(ADVANCED_UNLOCK_KEYSTORE_KEY, null) as SecretKey?
+            }
+        } catch (e: Exception) {
+            Log.e(TAG, "Unable to retrieve the key in keystore", e)
+            advancedUnlockCallback?.onGenericException(e)
+        }
+        return null
+    }
+
+    fun initEncryptData(actionIfCypherInit
+                        : (cryptoPrompt: AdvancedUnlockCryptoPrompt) -> Unit) {
+        if (!isKeyManagerInitialized) {
+            return
+        }
+        try {
+            getSecretKey()?.let { secretKey ->
+                cipher?.let { cipher ->
+                    cipher.init(Cipher.ENCRYPT_MODE, secretKey)
+
+                    actionIfCypherInit.invoke(
+                            AdvancedUnlockCryptoPrompt(
+                                    cipher,
+                                    R.string.advanced_unlock_prompt_store_credential_title,
+                                    R.string.advanced_unlock_prompt_store_credential_message,
+                                    isDeviceCredentialOperation(), isBiometricOperation())
+                    )
+                }
+            }
+        } catch (unrecoverableKeyException: UnrecoverableKeyException) {
+            Log.e(TAG, "Unable to initialize encrypt data", unrecoverableKeyException)
+            advancedUnlockCallback?.onInvalidKeyException(unrecoverableKeyException)
+        } catch (invalidKeyException: KeyPermanentlyInvalidatedException) {
+            Log.e(TAG, "Unable to initialize encrypt data", invalidKeyException)
+            advancedUnlockCallback?.onInvalidKeyException(invalidKeyException)
+        } catch (e: Exception) {
+            Log.e(TAG, "Unable to initialize encrypt data", e)
+            advancedUnlockCallback?.onGenericException(e)
+        }
+    }
+
+    fun encryptData(value: String) {
+        if (!isKeyManagerInitialized) {
+            return
+        }
+        try {
+            val encrypted = cipher?.doFinal(value.toByteArray())
+            val encryptedBase64 = Base64.encodeToString(encrypted, Base64.NO_WRAP)
+
+            // passes updated iv spec on to callback so this can be stored for decryption
+            cipher?.parameters?.getParameterSpec(IvParameterSpec::class.java)?.let{ spec ->
+                val ivSpecValue = Base64.encodeToString(spec.iv, Base64.NO_WRAP)
+                advancedUnlockCallback?.handleEncryptedResult(encryptedBase64, ivSpecValue)
+            }
+        } catch (e: Exception) {
+            Log.e(TAG, "Unable to encrypt data", e)
+            advancedUnlockCallback?.onGenericException(e)
+        }
+    }
+
+    fun initDecryptData(ivSpecValue: String, actionIfCypherInit
+                        : (cryptoPrompt: AdvancedUnlockCryptoPrompt) -> Unit) {
+        if (!isKeyManagerInitialized) {
+            return
+        }
+        try {
+            // important to restore spec here that was used for decryption
+            val iv = Base64.decode(ivSpecValue, Base64.NO_WRAP)
+            val spec = IvParameterSpec(iv)
+
+            getSecretKey()?.let { secretKey ->
+                cipher?.let { cipher ->
+                    cipher.init(Cipher.DECRYPT_MODE, secretKey, spec)
+
+                    actionIfCypherInit.invoke(
+                            AdvancedUnlockCryptoPrompt(
+                                    cipher,
+                                    R.string.advanced_unlock_prompt_extract_credential_title,
+                                    null,
+                                    isDeviceCredentialOperation(), isBiometricOperation())
+                    )
+                }
+            }
+        } catch (unrecoverableKeyException: UnrecoverableKeyException) {
+            Log.e(TAG, "Unable to initialize decrypt data", unrecoverableKeyException)
+            deleteKeystoreKey()
+        } catch (invalidKeyException: KeyPermanentlyInvalidatedException) {
+            Log.e(TAG, "Unable to initialize decrypt data", invalidKeyException)
+            advancedUnlockCallback?.onInvalidKeyException(invalidKeyException)
+        } catch (e: Exception) {
+            Log.e(TAG, "Unable to initialize decrypt data", e)
+            advancedUnlockCallback?.onGenericException(e)
+        }
+    }
+
+    fun decryptData(encryptedValue: String) {
+        if (!isKeyManagerInitialized) {
+            return
+        }
+        try {
+            // actual decryption here
+            val encrypted = Base64.decode(encryptedValue, Base64.NO_WRAP)
+            cipher?.doFinal(encrypted)?.let { decrypted ->
+                advancedUnlockCallback?.handleDecryptedResult(String(decrypted))
+            }
+        } catch (badPaddingException: BadPaddingException) {
+            Log.e(TAG, "Unable to decrypt data", badPaddingException)
+            advancedUnlockCallback?.onInvalidKeyException(badPaddingException)
+        } catch (e: Exception) {
+            Log.e(TAG, "Unable to decrypt data", e)
+            advancedUnlockCallback?.onGenericException(e)
+        }
+    }
+
+    fun deleteKeystoreKey() {
+        try {
+            keyStore?.load(null)
+            keyStore?.deleteEntry(ADVANCED_UNLOCK_KEYSTORE_KEY)
+        } catch (e: Exception) {
+            Log.e(TAG, "Unable to delete entry key in keystore", e)
+            advancedUnlockCallback?.onGenericException(e)
+        }
+    }
+
+    @Suppress("DEPRECATION")
+    @Synchronized
+    fun openAdvancedUnlockPrompt(cryptoPrompt: AdvancedUnlockCryptoPrompt) {
+        // Init advanced unlock prompt
+        if (biometricPrompt == null) {
+            biometricPrompt = BiometricPrompt(retrieveContext(),
+                    Executors.newSingleThreadExecutor(),
+                    authenticationCallback)
+        }
+
+        val promptTitle = retrieveContext().getString(cryptoPrompt.promptTitleId)
+        val promptDescription = cryptoPrompt.promptDescriptionId?.let { descriptionId ->
+            retrieveContext().getString(descriptionId)
+        } ?: ""
+
+        if (cryptoPrompt.isBiometricOperation) {
+            val promptInfoExtractCredential = BiometricPrompt.PromptInfo.Builder().apply {
+                setTitle(promptTitle)
+                if (promptDescription.isNotEmpty())
+                    setDescription(promptDescription)
+                setConfirmationRequired(false)
+                if (isDeviceCredentialBiometricOperation()) {
+                    setAllowedAuthenticators(DEVICE_CREDENTIAL)
+                } else {
+                    setNegativeButtonText(retrieveContext().getString(android.R.string.cancel))
+                }
+            }.build()
+            biometricPrompt?.authenticate(
+                    promptInfoExtractCredential,
+                    BiometricPrompt.CryptoObject(cryptoPrompt.cipher))
+        }
+        else if (cryptoPrompt.isDeviceCredentialOperation) {
+            val keyGuardManager = ContextCompat.getSystemService(retrieveContext(), KeyguardManager::class.java)
+            retrieveContext().startActivityForResult(
+                    keyGuardManager?.createConfirmDeviceCredentialIntent(promptTitle, promptDescription),
+                    REQUEST_DEVICE_CREDENTIAL)
+        }
+    }
+
+    @Synchronized
+    fun onActivityResult(requestCode: Int, resultCode: Int) {
+        if (requestCode == REQUEST_DEVICE_CREDENTIAL) {
+            if (resultCode == Activity.RESULT_OK) {
+                advancedUnlockCallback?.onAuthenticationSucceeded()
+            } else {
+                advancedUnlockCallback?.onAuthenticationFailed()
+            }
+        }
+    }
+
+    fun closeBiometricPrompt() {
+        biometricPrompt?.cancelAuthentication()
+    }
+
+    interface AdvancedUnlockErrorCallback {
+        fun onInvalidKeyException(e: Exception)
+        fun onGenericException(e: Exception)
+    }
+
+    interface AdvancedUnlockCallback : AdvancedUnlockErrorCallback {
+        fun onAuthenticationSucceeded()
+        fun onAuthenticationFailed()
+        fun onAuthenticationError(errorCode: Int, errString: CharSequence)
+        fun handleEncryptedResult(encryptedValue: String, ivSpec: String)
+        fun handleDecryptedResult(decryptedValue: String)
+    }
+
+    companion object {
+
+        private val TAG = AdvancedUnlockManager::class.java.name
+
+        private const val ADVANCED_UNLOCK_KEYSTORE = "AndroidKeyStore"
+        private const val ADVANCED_UNLOCK_KEYSTORE_KEY = "com.kunzisoft.keepass.biometric.key"
+        private const val ADVANCED_UNLOCK_KEY_ALGORITHM = KeyProperties.KEY_ALGORITHM_AES
+        private const val ADVANCED_UNLOCK_BLOCKS_MODES = KeyProperties.BLOCK_MODE_CBC
+        private const val ADVANCED_UNLOCK_ENCRYPTION_PADDING = KeyProperties.ENCRYPTION_PADDING_PKCS7
+
+        private const val REQUEST_DEVICE_CREDENTIAL = 556
+
+        @RequiresApi(api = Build.VERSION_CODES.M)
+        fun canAuthenticate(context: Context): Int {
+            return try {
+                BiometricManager.from(context).canAuthenticate(
+                    if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R
+                            && PreferencesUtil.isDeviceCredentialUnlockEnable(context)) {
+                        BIOMETRIC_STRONG or DEVICE_CREDENTIAL
+                    } else {
+                        BIOMETRIC_STRONG
+                    }
+                )
+            } catch (e: Exception) {
+                Log.e(TAG, "Unable to authenticate with strong biometric.", e)
+                try {
+                    BiometricManager.from(context).canAuthenticate(
+                            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R
+                                    && PreferencesUtil.isDeviceCredentialUnlockEnable(context)) {
+                                BIOMETRIC_WEAK or DEVICE_CREDENTIAL
+                            } else {
+                                BIOMETRIC_WEAK
+                            }
+                    )
+                } catch (e: Exception) {
+                    Log.e(TAG, "Unable to authenticate with weak biometric.", e)
+                    BiometricManager.BIOMETRIC_ERROR_NO_HARDWARE
+                }
+            }
+        }
+
+        @RequiresApi(api = Build.VERSION_CODES.M)
+        fun isDeviceSecure(context: Context): Boolean {
+            val keyguardManager = ContextCompat.getSystemService(context, KeyguardManager::class.java)
+            return keyguardManager?.isDeviceSecure ?: false
+        }
+
+        @RequiresApi(api = Build.VERSION_CODES.M)
+        fun biometricUnlockSupported(context: Context): Boolean {
+            val biometricCanAuthenticate = try {
+                BiometricManager.from(context).canAuthenticate(BIOMETRIC_STRONG)
+            } catch (e: Exception) {
+                Log.e(TAG, "Unable to authenticate with strong biometric.", e)
+                try {
+                    BiometricManager.from(context).canAuthenticate(BIOMETRIC_WEAK)
+                } catch (e: Exception) {
+                    Log.e(TAG, "Unable to authenticate with weak biometric.", e)
+                    BiometricManager.BIOMETRIC_ERROR_NO_HARDWARE
+                }
+            }
+            return (biometricCanAuthenticate == BiometricManager.BIOMETRIC_SUCCESS
+                    || biometricCanAuthenticate == BiometricManager.BIOMETRIC_STATUS_UNKNOWN
+                    || biometricCanAuthenticate == BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE
+                    || biometricCanAuthenticate == BiometricManager.BIOMETRIC_ERROR_NONE_ENROLLED
+                    || biometricCanAuthenticate == BiometricManager.BIOMETRIC_ERROR_SECURITY_UPDATE_REQUIRED
+            )
+        }
+
+        @RequiresApi(api = Build.VERSION_CODES.M)
+        fun deviceCredentialUnlockSupported(context: Context): Boolean {
+            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) {
+                val biometricCanAuthenticate = BiometricManager.from(context).canAuthenticate(DEVICE_CREDENTIAL)
+                return (biometricCanAuthenticate == BiometricManager.BIOMETRIC_SUCCESS
+                        || biometricCanAuthenticate == BiometricManager.BIOMETRIC_STATUS_UNKNOWN
+                        || biometricCanAuthenticate == BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE
+                        || biometricCanAuthenticate == BiometricManager.BIOMETRIC_ERROR_NONE_ENROLLED
+                        || biometricCanAuthenticate == BiometricManager.BIOMETRIC_ERROR_SECURITY_UPDATE_REQUIRED
+                        )
+            } else if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
+                ContextCompat.getSystemService(context, KeyguardManager::class.java)?.apply {
+                    return isDeviceSecure
+                }
+            }
+            return false
+        }
+
+        /**
+         * Remove entry key in keystore
+         */
+        @RequiresApi(api = Build.VERSION_CODES.M)
+        fun deleteEntryKeyInKeystoreForBiometric(fragmentActivity: FragmentActivity,
+                                                 advancedCallback: AdvancedUnlockErrorCallback) {
+            AdvancedUnlockManager{ fragmentActivity }.apply {
+                advancedUnlockCallback = object : AdvancedUnlockCallback {
+                    override fun onAuthenticationSucceeded() {}
+
+                    override fun onAuthenticationFailed() {}
+
+                    override fun onAuthenticationError(errorCode: Int, errString: CharSequence) {}
+
+                    override fun handleEncryptedResult(encryptedValue: String, ivSpec: String) {}
+
+                    override fun handleDecryptedResult(decryptedValue: String) {}
+
+                    override fun onInvalidKeyException(e: Exception) {
+                        advancedCallback.onInvalidKeyException(e)
+                    }
+
+                    override fun onGenericException(e: Exception) {
+                        advancedCallback.onGenericException(e)
+                    }
+                }
+                deleteKeystoreKey()
+            }
+        }
+    }
+
+}
--- a/app/src/main/java/com/kunzisoft/keepass/biometric/AdvancedUnlockedManager.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/biometric/AdvancedUnlockedManager.kt
@@ -1,404 +0,0 @@
-/*
- * Copyright 2019 Jeremy Jamet / Kunzisoft.
- *
- * This file is part of KeePassDX.
- *
- *  KeePassDX is free software: you can redistribute it and/or modify
- *  it under the terms of the GNU General Public License as published by
- *  the Free Software Foundation, either version 3 of the License, or
- *  (at your option) any later version.
- *
- *  KeePassDX is distributed in the hope that it will be useful,
- *  but WITHOUT ANY WARRANTY; without even the implied warranty of
- *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- *  GNU General Public License for more details.
- *
- *  You should have received a copy of the GNU General Public License
- *  along with KeePassDX.  If not, see <http://www.gnu.org/licenses/>.
- *
- */
-package com.kunzisoft.keepass.biometric
-
-import android.content.Intent
-import android.net.Uri
-import android.os.Build
-import android.provider.Settings
-import android.util.Log
-import android.view.Menu
-import android.view.MenuInflater
-import android.view.View
-import android.widget.CompoundButton
-import android.widget.TextView
-import androidx.annotation.RequiresApi
-import androidx.biometric.BiometricManager
-import androidx.biometric.BiometricPrompt
-import androidx.fragment.app.FragmentActivity
-import com.kunzisoft.keepass.R
-import com.kunzisoft.keepass.app.database.CipherDatabaseAction
-import com.kunzisoft.keepass.settings.PreferencesUtil
-import com.kunzisoft.keepass.view.AdvancedUnlockInfoView
-
-@RequiresApi(api = Build.VERSION_CODES.M)
-class AdvancedUnlockedManager(var context: FragmentActivity,
-                              var databaseFileUri: Uri,
-                              private var advancedUnlockInfoView: AdvancedUnlockInfoView?,
-                              private var checkboxPasswordView: CompoundButton?,
-                              private var onCheckedPasswordChangeListener: CompoundButton.OnCheckedChangeListener? = null,
-                              var passwordView: TextView?,
-                              private var loadDatabaseAfterRegisterCredentials: (encryptedPassword: String?, ivSpec: String?) -> Unit,
-                              private var loadDatabaseAfterRetrieveCredentials: (decryptedPassword: String?) -> Unit)
-    : BiometricUnlockDatabaseHelper.BiometricUnlockCallback {
-
-    private var biometricUnlockDatabaseHelper: BiometricUnlockDatabaseHelper? = null
-    private var biometricMode: Mode = Mode.BIOMETRIC_UNAVAILABLE
-
-    // Only to fix multiple fingerprint menu #332
-    private var mAllowAdvancedUnlockMenu = false
-    private var mAddBiometricMenuInProgress = false
-
-    /**
-     * Manage setting to auto open biometric prompt
-     */
-    private var biometricPromptAutoOpenPreference = PreferencesUtil.isBiometricPromptAutoOpenEnable(context)
-    var isBiometricPromptAutoOpenEnable: Boolean = false
-        get() {
-            return field && biometricPromptAutoOpenPreference
-        }
-
-    // Variable to check if the prompt can be open (if the right activity is currently shown)
-    // checkBiometricAvailability() allows open biometric prompt and onDestroy() removes the authorization
-    private var allowOpenBiometricPrompt = false
-
-    private var cipherDatabaseAction = CipherDatabaseAction.getInstance(context.applicationContext)
-
-    init {
-        // Add a check listener to change fingerprint mode
-        checkboxPasswordView?.setOnCheckedChangeListener { compoundButton, checked ->
-            checkBiometricAvailability()
-            // Add old listener to enable the button, only be call here because of onCheckedChange bug
-            onCheckedPasswordChangeListener?.onCheckedChanged(compoundButton, checked)
-        }
-    }
-
-    /**
-     * Check biometric availability and change the current mode depending of device's state
-     */
-    fun checkBiometricAvailability() {
-
-        // biometric not supported (by API level or hardware) so keep option hidden
-        // or manually disable
-        val biometricCanAuthenticate = BiometricUnlockDatabaseHelper.canAuthenticate(context)
-        allowOpenBiometricPrompt = true
-
-        if (!PreferencesUtil.isBiometricUnlockEnable(context)
-                || biometricCanAuthenticate == BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE
-                || biometricCanAuthenticate == BiometricManager.BIOMETRIC_ERROR_NO_HARDWARE) {
-            toggleMode(Mode.BIOMETRIC_UNAVAILABLE)
-        } else if (biometricCanAuthenticate == BiometricManager.BIOMETRIC_ERROR_SECURITY_UPDATE_REQUIRED){
-            toggleMode(Mode.BIOMETRIC_SECURITY_UPDATE_REQUIRED)
-        } else {
-            // biometric is available but not configured, show icon but in disabled state with some information
-            if (biometricCanAuthenticate == BiometricManager.BIOMETRIC_ERROR_NONE_ENROLLED) {
-                toggleMode(Mode.BIOMETRIC_NOT_CONFIGURED)
-            } else {
-                // Check if fingerprint well init (be called the first time the fingerprint is configured
-                // and the activity still active)
-                if (biometricUnlockDatabaseHelper?.isKeyManagerInitialized != true) {
-                    biometricUnlockDatabaseHelper = BiometricUnlockDatabaseHelper(context)
-                    // callback for fingerprint findings
-                    biometricUnlockDatabaseHelper?.biometricUnlockCallback = this
-                    biometricUnlockDatabaseHelper?.authenticationCallback = biometricAuthenticationCallback
-                }
-                // Recheck to change the mode
-                if (biometricUnlockDatabaseHelper?.isKeyManagerInitialized != true) {
-                    toggleMode(Mode.KEY_MANAGER_UNAVAILABLE)
-                } else {
-                    if (checkboxPasswordView?.isChecked == true) {
-                        // listen for encryption
-                        toggleMode(Mode.STORE_CREDENTIAL)
-                    } else {
-                        cipherDatabaseAction.containsCipherDatabase(databaseFileUri) { containsCipher ->
-                            // biometric available but no stored password found yet for this DB so show info don't listen
-                            toggleMode(if (containsCipher) {
-                                // listen for decryption
-                                Mode.EXTRACT_CREDENTIAL
-                            } else {
-                                // wait for typing
-                                Mode.WAIT_CREDENTIAL
-                            })
-                        }
-                    }
-                }
-            }
-        }
-    }
-
-    private fun toggleMode(newBiometricMode: Mode) {
-        if (newBiometricMode != biometricMode) {
-            biometricMode = newBiometricMode
-            initBiometricMode()
-        }
-    }
-
-    private val biometricAuthenticationCallback = object : BiometricPrompt.AuthenticationCallback () {
-
-        override fun onAuthenticationError(
-                errorCode: Int,
-                errString: CharSequence) {
-            context.runOnUiThread {
-                Log.e(TAG, "Biometric authentication error. Code : $errorCode Error : $errString")
-                setAdvancedUnlockedMessageView(errString.toString())
-            }
-        }
-
-        override fun onAuthenticationFailed() {
-            context.runOnUiThread {
-                Log.e(TAG, "Biometric authentication failed, biometric not recognized")
-                setAdvancedUnlockedMessageView(R.string.biometric_not_recognized)
-            }
-        }
-
-        override fun onAuthenticationSucceeded(result: BiometricPrompt.AuthenticationResult) {
-            context.runOnUiThread {
-                when (biometricMode) {
-                    Mode.BIOMETRIC_UNAVAILABLE -> {
-                    }
-                    Mode.BIOMETRIC_SECURITY_UPDATE_REQUIRED -> {
-                    }
-                    Mode.BIOMETRIC_NOT_CONFIGURED -> {
-                    }
-                    Mode.KEY_MANAGER_UNAVAILABLE -> {
-                    }
-                    Mode.WAIT_CREDENTIAL -> {
-                    }
-                    Mode.STORE_CREDENTIAL -> {
-                        // newly store the entered password in encrypted way
-                        biometricUnlockDatabaseHelper?.encryptData(passwordView?.text.toString())
-                    }
-                    Mode.EXTRACT_CREDENTIAL -> {
-                        // retrieve the encrypted value from preferences
-                        cipherDatabaseAction.getCipherDatabase(databaseFileUri) {
-                            it?.encryptedValue?.let { value ->
-                                biometricUnlockDatabaseHelper?.decryptData(value)
-                            }
-                        }
-                    }
-                }
-            }
-        }
-    }
-
-    private fun initNotAvailable() {
-        showFingerPrintViews(false)
-
-        advancedUnlockInfoView?.setIconViewClickListener(false, null)
-    }
-
-    private fun initSecurityUpdateRequired() {
-        showFingerPrintViews(true)
-        setAdvancedUnlockedTitleView(R.string.biometric_security_update_required)
-
-        advancedUnlockInfoView?.setIconViewClickListener(false) {
-            context.startActivity(Intent(Settings.ACTION_SECURITY_SETTINGS))
-        }
-    }
-
-    private fun initNotConfigured() {
-        showFingerPrintViews(true)
-        setAdvancedUnlockedTitleView(R.string.configure_biometric)
-        setAdvancedUnlockedMessageView("")
-
-        advancedUnlockInfoView?.setIconViewClickListener(false) {
-            context.startActivity(Intent(Settings.ACTION_SECURITY_SETTINGS))
-        }
-    }
-
-    private fun initKeyManagerNotAvailable() {
-        showFingerPrintViews(true)
-        setAdvancedUnlockedTitleView(R.string.keystore_not_accessible)
-
-        advancedUnlockInfoView?.setIconViewClickListener(false) {
-            context.startActivity(Intent(Settings.ACTION_SECURITY_SETTINGS))
-        }
-    }
-
-    private fun initWaitData() {
-        showFingerPrintViews(true)
-        setAdvancedUnlockedTitleView(R.string.no_credentials_stored)
-        setAdvancedUnlockedMessageView("")
-
-        advancedUnlockInfoView?.setIconViewClickListener(false) {
-            biometricAuthenticationCallback.onAuthenticationError(BiometricPrompt.ERROR_UNABLE_TO_PROCESS,
-                    context.getString(R.string.credential_before_click_biometric_button))
-        }
-    }
-
-    private fun openBiometricPrompt(biometricPrompt: BiometricPrompt?,
-                                    cryptoObject: BiometricPrompt.CryptoObject?,
-                                    promptInfo: BiometricPrompt.PromptInfo) {
-        context.runOnUiThread {
-            if (allowOpenBiometricPrompt) {
-                if (biometricPrompt != null) {
-                    if (cryptoObject != null) {
-                        biometricPrompt.authenticate(promptInfo, cryptoObject)
-                    } else  {
-                        setAdvancedUnlockedTitleView(R.string.crypto_object_not_initialized)
-                    }
-                } else  {
-                    setAdvancedUnlockedTitleView(R.string.biometric_prompt_not_initialized)
-                }
-            }
-        }
-    }
-
-    private fun initEncryptData() {
-        showFingerPrintViews(true)
-        setAdvancedUnlockedTitleView(R.string.open_biometric_prompt_store_credential)
-        setAdvancedUnlockedMessageView("")
-
-        biometricUnlockDatabaseHelper?.initEncryptData { biometricPrompt, cryptoObject, promptInfo ->
-            // Set listener to open the biometric dialog and save credential
-            advancedUnlockInfoView?.setIconViewClickListener { _ ->
-                openBiometricPrompt(biometricPrompt, cryptoObject, promptInfo)
-            }
-        }
-    }
-
-    private fun initDecryptData() {
-        showFingerPrintViews(true)
-        setAdvancedUnlockedTitleView(R.string.open_biometric_prompt_unlock_database)
-        setAdvancedUnlockedMessageView("")
-
-        if (biometricUnlockDatabaseHelper != null) {
-            cipherDatabaseAction.getCipherDatabase(databaseFileUri) {
-
-                it?.specParameters?.let { specs ->
-                    biometricUnlockDatabaseHelper?.initDecryptData(specs) { biometricPrompt, cryptoObject, promptInfo ->
-
-                        // Set listener to open the biometric dialog and check credential
-                        advancedUnlockInfoView?.setIconViewClickListener { _ ->
-                            openBiometricPrompt(biometricPrompt, cryptoObject, promptInfo)
-                        }
-
-                        // Auto open the biometric prompt
-                        if (isBiometricPromptAutoOpenEnable) {
-                            isBiometricPromptAutoOpenEnable = false
-                            openBiometricPrompt(biometricPrompt, cryptoObject, promptInfo)
-                        }
-                    }
-                }
-            }
-        }
-    }
-
-    @Synchronized
-    fun initBiometricMode() {
-        mAllowAdvancedUnlockMenu = false
-        when (biometricMode) {
-            Mode.BIOMETRIC_UNAVAILABLE -> initNotAvailable()
-            Mode.BIOMETRIC_SECURITY_UPDATE_REQUIRED -> initSecurityUpdateRequired()
-            Mode.BIOMETRIC_NOT_CONFIGURED -> initNotConfigured()
-            Mode.KEY_MANAGER_UNAVAILABLE -> initKeyManagerNotAvailable()
-            Mode.WAIT_CREDENTIAL -> initWaitData()
-            Mode.STORE_CREDENTIAL -> initEncryptData()
-            Mode.EXTRACT_CREDENTIAL -> initDecryptData()
-        }
-
-        invalidateBiometricMenu()
-    }
-
-    private fun invalidateBiometricMenu() {
-        // Show fingerprint key deletion
-        if (!mAddBiometricMenuInProgress) {
-            mAddBiometricMenuInProgress = true
-            cipherDatabaseAction.containsCipherDatabase(databaseFileUri) { containsCipher ->
-                mAllowAdvancedUnlockMenu = containsCipher
-                        && (biometricMode != Mode.BIOMETRIC_UNAVAILABLE
-                                && biometricMode != Mode.KEY_MANAGER_UNAVAILABLE)
-                mAddBiometricMenuInProgress = false
-                context.invalidateOptionsMenu()
-            }
-        }
-    }
-
-    fun destroy() {
-        // Close the biometric prompt
-        allowOpenBiometricPrompt = false
-        biometricUnlockDatabaseHelper?.closeBiometricPrompt()
-        // Restore the checked listener
-        checkboxPasswordView?.setOnCheckedChangeListener(onCheckedPasswordChangeListener)
-    }
-
-    fun inflateOptionsMenu(menuInflater: MenuInflater, menu: Menu) {
-        if (mAllowAdvancedUnlockMenu)
-            menuInflater.inflate(R.menu.advanced_unlock, menu)
-    }
-
-    fun deleteEntryKey() {
-        allowOpenBiometricPrompt = false
-        advancedUnlockInfoView?.setIconViewClickListener(false, null)
-        biometricUnlockDatabaseHelper?.closeBiometricPrompt()
-        biometricUnlockDatabaseHelper?.deleteEntryKey()
-        cipherDatabaseAction.deleteByDatabaseUri(databaseFileUri) {
-            checkBiometricAvailability()
-        }
-    }
-
-    override fun handleEncryptedResult(encryptedValue: String, ivSpec: String) {
-        loadDatabaseAfterRegisterCredentials.invoke(encryptedValue, ivSpec)
-    }
-
-    override fun handleDecryptedResult(decryptedValue: String) {
-        // Load database directly with password retrieve
-        loadDatabaseAfterRetrieveCredentials.invoke(decryptedValue)
-    }
-
-    override fun onInvalidKeyException(e: Exception) {
-        setAdvancedUnlockedMessageView(R.string.biometric_invalid_key)
-    }
-
-    override fun onBiometricException(e: Exception) {
-        e.localizedMessage?.let {
-            setAdvancedUnlockedMessageView(it)
-        }
-    }
-
-    private fun showFingerPrintViews(show: Boolean) {
-        context.runOnUiThread {
-            advancedUnlockInfoView?.visibility = if (show) View.VISIBLE else View.GONE
-        }
-    }
-
-    private fun setAdvancedUnlockedTitleView(textId: Int) {
-        context.runOnUiThread {
-            advancedUnlockInfoView?.setTitle(textId)
-        }
-    }
-
-    private fun setAdvancedUnlockedMessageView(textId: Int) {
-        context.runOnUiThread {
-            advancedUnlockInfoView?.setMessage(textId)
-        }
-    }
-
-    private fun setAdvancedUnlockedMessageView(text: CharSequence) {
-        context.runOnUiThread {
-            advancedUnlockInfoView?.message = text
-        }
-    }
-
-    enum class Mode {
-        BIOMETRIC_UNAVAILABLE,
-        BIOMETRIC_SECURITY_UPDATE_REQUIRED,
-        BIOMETRIC_NOT_CONFIGURED,
-        KEY_MANAGER_UNAVAILABLE,
-        WAIT_CREDENTIAL,
-        STORE_CREDENTIAL,
-        EXTRACT_CREDENTIAL
-    }
-
-    companion object {
-
-        private val TAG = AdvancedUnlockedManager::class.java.name
-    }
-}
--- a/app/src/main/java/com/kunzisoft/keepass/biometric/BiometricUnlockDatabaseHelper.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/biometric/BiometricUnlockDatabaseHelper.kt
@@ -1,355 +0,0 @@
-/*
- * Copyright 2019 Jeremy Jamet / Kunzisoft.
- *
- * This file is part of KeePassDX.
- *
- *  KeePassDX is free software: you can redistribute it and/or modify
- *  it under the terms of the GNU General Public License as published by
- *  the Free Software Foundation, either version 3 of the License, or
- *  (at your option) any later version.
- *
- *  KeePassDX is distributed in the hope that it will be useful,
- *  but WITHOUT ANY WARRANTY; without even the implied warranty of
- *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- *  GNU General Public License for more details.
- *
- *  You should have received a copy of the GNU General Public License
- *  along with KeePassDX.  If not, see <http://www.gnu.org/licenses/>.
- *
- */
-package com.kunzisoft.keepass.biometric
-
-import android.app.KeyguardManager
-import android.content.Context
-import android.os.Build
-import android.security.keystore.KeyGenParameterSpec
-import android.security.keystore.KeyPermanentlyInvalidatedException
-import android.security.keystore.KeyProperties
-import android.util.Base64
-import android.util.Log
-import androidx.annotation.RequiresApi
-import androidx.biometric.BiometricManager
-import androidx.biometric.BiometricManager.Authenticators.BIOMETRIC_STRONG
-import androidx.biometric.BiometricManager.Authenticators.BIOMETRIC_WEAK
-import androidx.biometric.BiometricPrompt
-import androidx.fragment.app.FragmentActivity
-import com.kunzisoft.keepass.R
-import java.security.KeyStore
-import java.security.UnrecoverableKeyException
-import java.util.concurrent.Executors
-import javax.crypto.BadPaddingException
-import javax.crypto.Cipher
-import javax.crypto.KeyGenerator
-import javax.crypto.SecretKey
-import javax.crypto.spec.IvParameterSpec
-
-@RequiresApi(api = Build.VERSION_CODES.M)
-class BiometricUnlockDatabaseHelper(private val context: FragmentActivity) {
-
-    private var biometricPrompt: BiometricPrompt? = null
-
-    private var keyStore: KeyStore? = null
-    private var keyGenerator: KeyGenerator? = null
-    private var cipher: Cipher? = null
-    private var keyguardManager: KeyguardManager? = null
-    private var cryptoObject: BiometricPrompt.CryptoObject? = null
-
-    private var isKeyManagerInit = false
-    var authenticationCallback: BiometricPrompt.AuthenticationCallback? = null
-    var biometricUnlockCallback: BiometricUnlockCallback? = null
-
-    private val promptInfoStoreCredential = BiometricPrompt.PromptInfo.Builder().apply {
-        setTitle(context.getString(R.string.biometric_prompt_store_credential_title))
-        setDescription(context.getString(R.string.biometric_prompt_store_credential_message))
-        setConfirmationRequired(true)
-        // TODO device credential #102 #152
-        /*
-        if (keyguardManager?.isDeviceSecure == true)
-            setDeviceCredentialAllowed(true)
-        else
-        */
-        setNegativeButtonText(context.getString(android.R.string.cancel))
-    }.build()
-
-    private val promptInfoExtractCredential = BiometricPrompt.PromptInfo.Builder().apply {
-        setTitle(context.getString(R.string.biometric_prompt_extract_credential_title))
-        //setDescription(context.getString(R.string.biometric_prompt_extract_credential_message))
-        setConfirmationRequired(false)
-        // TODO device credential #102 #152
-        /*
-        if (keyguardManager?.isDeviceSecure == true)
-            setDeviceCredentialAllowed(true)
-        else
-        */
-        setNegativeButtonText(context.getString(android.R.string.cancel))
-    }.build()
-
-    val isKeyManagerInitialized: Boolean
-        get() {
-            if (!isKeyManagerInit) {
-                biometricUnlockCallback?.onBiometricException(Exception("Biometric not initialized"))
-            }
-            return isKeyManagerInit
-        }
-
-    init {
-        if (allowInitKeyStore(context)) {
-            this.keyguardManager = context.getSystemService(Context.KEYGUARD_SERVICE) as KeyguardManager?
-            try {
-                this.keyStore = KeyStore.getInstance(BIOMETRIC_KEYSTORE)
-                this.keyGenerator = KeyGenerator.getInstance(BIOMETRIC_KEY_ALGORITHM, BIOMETRIC_KEYSTORE)
-                this.cipher = Cipher.getInstance(
-                        BIOMETRIC_KEY_ALGORITHM + "/"
-                                + BIOMETRIC_BLOCKS_MODES + "/"
-                                + BIOMETRIC_ENCRYPTION_PADDING)
-                this.cryptoObject = BiometricPrompt.CryptoObject(cipher!!)
-                isKeyManagerInit = (keyStore != null
-                        && keyGenerator != null
-                        && cipher != null)
-            } catch (e: Exception) {
-                Log.e(TAG, "Unable to initialize the keystore", e)
-                isKeyManagerInit = false
-                biometricUnlockCallback?.onBiometricException(e)
-            }
-        } else {
-            // really not much to do when no fingerprint support found
-            isKeyManagerInit = false
-        }
-    }
-
-    private fun getSecretKey(): SecretKey? {
-        if (!isKeyManagerInitialized) {
-            return null
-        }
-        try {
-            // Create new key if needed
-            keyStore?.let { keyStore ->
-                keyStore.load(null)
-
-                try {
-                    if (!keyStore.containsAlias(BIOMETRIC_KEYSTORE_KEY)) {
-                        // Set the alias of the entry in Android KeyStore where the key will appear
-                        // and the constrains (purposes) in the constructor of the Builder
-                        keyGenerator?.init(
-                                KeyGenParameterSpec.Builder(
-                                        BIOMETRIC_KEYSTORE_KEY,
-                                        KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT)
-                                        .setBlockModes(KeyProperties.BLOCK_MODE_CBC)
-                                        .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
-                                        // Require the user to authenticate with a fingerprint to authorize every use
-                                        // of the key
-                                        .setUserAuthenticationRequired(true)
-                                        .build())
-                        keyGenerator?.generateKey()
-                    }
-                } catch (e: Exception) {
-                    Log.e(TAG, "Unable to create a key in keystore", e)
-                    biometricUnlockCallback?.onBiometricException(e)
-                }
-
-                return keyStore.getKey(BIOMETRIC_KEYSTORE_KEY, null) as SecretKey?
-            }
-        } catch (e: Exception) {
-            Log.e(TAG, "Unable to retrieve the key in keystore", e)
-            biometricUnlockCallback?.onBiometricException(e)
-        }
-        return null
-    }
-
-    fun initEncryptData(actionIfCypherInit
-                        : (biometricPrompt: BiometricPrompt?,
-                           cryptoObject: BiometricPrompt.CryptoObject?,
-                           promptInfo: BiometricPrompt.PromptInfo) -> Unit) {
-        if (!isKeyManagerInitialized) {
-            return
-        }
-        try {
-            getSecretKey()?.let { secretKey ->
-                cipher?.init(Cipher.ENCRYPT_MODE, secretKey)
-
-                initBiometricPrompt()
-                actionIfCypherInit.invoke(biometricPrompt, cryptoObject, promptInfoStoreCredential)
-            }
-
-        } catch (unrecoverableKeyException: UnrecoverableKeyException) {
-            Log.e(TAG, "Unable to initialize encrypt data", unrecoverableKeyException)
-            biometricUnlockCallback?.onInvalidKeyException(unrecoverableKeyException)
-        } catch (invalidKeyException: KeyPermanentlyInvalidatedException) {
-            Log.e(TAG, "Unable to initialize encrypt data", invalidKeyException)
-            biometricUnlockCallback?.onInvalidKeyException(invalidKeyException)
-        } catch (e: Exception) {
-            Log.e(TAG, "Unable to initialize encrypt data", e)
-            biometricUnlockCallback?.onBiometricException(e)
-        }
-    }
-
-    fun encryptData(value: String) {
-        if (!isKeyManagerInitialized) {
-            return
-        }
-        try {
-            val encrypted = cipher?.doFinal(value.toByteArray())
-            val encryptedBase64 = Base64.encodeToString(encrypted, Base64.NO_WRAP)
-
-            // passes updated iv spec on to callback so this can be stored for decryption
-            cipher?.parameters?.getParameterSpec(IvParameterSpec::class.java)?.let{ spec ->
-                val ivSpecValue = Base64.encodeToString(spec.iv, Base64.NO_WRAP)
-                biometricUnlockCallback?.handleEncryptedResult(encryptedBase64, ivSpecValue)
-            }
-
-        } catch (e: Exception) {
-            Log.e(TAG, "Unable to encrypt data", e)
-            biometricUnlockCallback?.onBiometricException(e)
-        }
-    }
-
-    fun initDecryptData(ivSpecValue: String, actionIfCypherInit
-    : (biometricPrompt: BiometricPrompt?,
-       cryptoObject: BiometricPrompt.CryptoObject?,
-       promptInfo: BiometricPrompt.PromptInfo) -> Unit) {
-        if (!isKeyManagerInitialized) {
-            return
-        }
-        try {
-            // important to restore spec here that was used for decryption
-            val iv = Base64.decode(ivSpecValue, Base64.NO_WRAP)
-            val spec = IvParameterSpec(iv)
-
-            getSecretKey()?.let { secretKey ->
-                cipher?.init(Cipher.DECRYPT_MODE, secretKey, spec)
-
-                initBiometricPrompt()
-                actionIfCypherInit.invoke(biometricPrompt, cryptoObject, promptInfoExtractCredential)
-            }
-
-        } catch (unrecoverableKeyException: UnrecoverableKeyException) {
-            Log.e(TAG, "Unable to initialize decrypt data", unrecoverableKeyException)
-            deleteEntryKey()
-        } catch (invalidKeyException: KeyPermanentlyInvalidatedException) {
-            Log.e(TAG, "Unable to initialize decrypt data", invalidKeyException)
-            biometricUnlockCallback?.onInvalidKeyException(invalidKeyException)
-        } catch (e: Exception) {
-            Log.e(TAG, "Unable to initialize decrypt data", e)
-            biometricUnlockCallback?.onBiometricException(e)
-        }
-    }
-
-    fun decryptData(encryptedValue: String) {
-        if (!isKeyManagerInitialized) {
-            return
-        }
-        try {
-            // actual decryption here
-            val encrypted = Base64.decode(encryptedValue, Base64.NO_WRAP)
-            cipher?.doFinal(encrypted)?.let { decrypted ->
-                biometricUnlockCallback?.handleDecryptedResult(String(decrypted))
-            }
-        } catch (badPaddingException: BadPaddingException) {
-            Log.e(TAG, "Unable to decrypt data", badPaddingException)
-            biometricUnlockCallback?.onInvalidKeyException(badPaddingException)
-        } catch (e: Exception) {
-            Log.e(TAG, "Unable to decrypt data", e)
-            biometricUnlockCallback?.onBiometricException(e)
-        }
-    }
-
-    fun deleteEntryKey() {
-        try {
-            keyStore?.load(null)
-            keyStore?.deleteEntry(BIOMETRIC_KEYSTORE_KEY)
-        } catch (e: Exception) {
-            Log.e(TAG, "Unable to delete entry key in keystore", e)
-            biometricUnlockCallback?.onBiometricException(e)
-        }
-    }
-
-    @Synchronized
-    fun initBiometricPrompt() {
-        if (biometricPrompt == null) {
-            authenticationCallback?.let {
-                biometricPrompt = BiometricPrompt(context, Executors.newSingleThreadExecutor(), it)
-            }
-        }
-    }
-
-    fun closeBiometricPrompt() {
-        biometricPrompt?.cancelAuthentication()
-    }
-
-    interface BiometricUnlockErrorCallback {
-        fun onInvalidKeyException(e: Exception)
-        fun onBiometricException(e: Exception)
-    }
-
-    interface BiometricUnlockCallback : BiometricUnlockErrorCallback {
-        fun handleEncryptedResult(encryptedValue: String, ivSpec: String)
-        fun handleDecryptedResult(decryptedValue: String)
-    }
-
-    companion object {
-
-        private val TAG = BiometricUnlockDatabaseHelper::class.java.name
-
-        private const val BIOMETRIC_KEYSTORE = "AndroidKeyStore"
-        private const val BIOMETRIC_KEYSTORE_KEY = "com.kunzisoft.keepass.biometric.key"
-        private const val BIOMETRIC_KEY_ALGORITHM = KeyProperties.KEY_ALGORITHM_AES
-        private const val BIOMETRIC_BLOCKS_MODES = KeyProperties.BLOCK_MODE_CBC
-        private const val BIOMETRIC_ENCRYPTION_PADDING = KeyProperties.ENCRYPTION_PADDING_PKCS7
-
-        fun canAuthenticate(context: Context): Int {
-            return try {
-                BiometricManager.from(context).canAuthenticate(BIOMETRIC_STRONG)
-            } catch (e: Exception) {
-                Log.e(TAG, "Unable to authenticate with strong biometric.", e)
-                try {
-                    BiometricManager.from(context).canAuthenticate(BIOMETRIC_WEAK)
-                } catch (e: Exception) {
-                    Log.e(TAG, "Unable to authenticate with weak biometric.", e)
-                    BiometricManager.BIOMETRIC_ERROR_NO_HARDWARE
-                }
-            }
-        }
-
-        fun allowInitKeyStore(context: Context): Boolean {
-            val biometricCanAuthenticate = canAuthenticate(context)
-            return (  biometricCanAuthenticate == BiometricManager.BIOMETRIC_SUCCESS
-                    || biometricCanAuthenticate == BiometricManager.BIOMETRIC_STATUS_UNKNOWN
-                    )
-        }
-
-        fun unlockSupported(context: Context): Boolean {
-            val biometricCanAuthenticate = canAuthenticate(context)
-            return (  biometricCanAuthenticate == BiometricManager.BIOMETRIC_SUCCESS
-                    || biometricCanAuthenticate == BiometricManager.BIOMETRIC_STATUS_UNKNOWN
-                    || biometricCanAuthenticate == BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE
-                    || biometricCanAuthenticate == BiometricManager.BIOMETRIC_ERROR_NONE_ENROLLED
-                    || biometricCanAuthenticate == BiometricManager.BIOMETRIC_ERROR_SECURITY_UPDATE_REQUIRED
-                    )
-        }
-
-        /**
-         * Remove entry key in keystore
-         */
-        fun deleteEntryKeyInKeystoreForBiometric(context: FragmentActivity,
-                                                 biometricCallback: BiometricUnlockErrorCallback) {
-            BiometricUnlockDatabaseHelper(context).apply {
-                biometricUnlockCallback = object : BiometricUnlockCallback {
-
-                    override fun handleEncryptedResult(encryptedValue: String, ivSpec: String) {}
-
-                    override fun handleDecryptedResult(decryptedValue: String) {}
-
-                    override fun onInvalidKeyException(e: Exception) {
-                        biometricCallback.onInvalidKeyException(e)
-                    }
-
-                    override fun onBiometricException(e: Exception) {
-                        biometricCallback.onBiometricException(e)
-                    }
-                }
-                deleteEntryKey()
-            }
-        }
-    }
-
-}
--- a/app/src/main/java/com/kunzisoft/keepass/crypto/StreamCipherFactory.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/crypto/StreamCipherFactory.kt
@@ -29,11 +29,12 @@ object StreamCipherFactory {

    private val SALSA_IV = byteArrayOf(0xE8.toByte(), 0x30, 0x09, 0x4B, 0x97.toByte(), 0x20, 0x5D, 0x2A)

-    fun getInstance(alg: CrsAlgorithm?, key: ByteArray): StreamCipher? {
+    @Throws(Exception::class)
+    fun getInstance(alg: CrsAlgorithm?, key: ByteArray): StreamCipher {
        return when {
            alg === CrsAlgorithm.Salsa20 -> getSalsa20(key)
            alg === CrsAlgorithm.ChaCha20 -> getChaCha20(key)
-            else -> null
+            else -> throw Exception("Invalid random cipher")
        }
    }

--- a/app/src/main/java/com/kunzisoft/keepass/crypto/keyDerivation/AesKdf.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/crypto/keyDerivation/AesKdf.kt
@@ -42,7 +42,7 @@ class AesKdf : KdfEngine() {
            }
        }

-    override val defaultKeyRounds: Long = 6000L
+    override val defaultKeyRounds: Long = 500000L

    override fun getName(resources: Resources): String {
        return resources.getString(R.string.kdf_AES)
--- a/app/src/main/java/com/kunzisoft/keepass/crypto/keyDerivation/Argon2Kdf.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/crypto/keyDerivation/Argon2Kdf.kt
@@ -20,6 +20,7 @@
 package com.kunzisoft.keepass.crypto.keyDerivation

 import android.content.res.Resources
+import androidx.annotation.StringRes
 import com.kunzisoft.keepass.R
 import com.kunzisoft.keepass.stream.bytes16ToUuid
 import com.kunzisoft.keepass.utils.UnsignedInt
@@ -27,7 +28,11 @@ import java.io.IOException
 import java.security.SecureRandom
 import java.util.*

-class Argon2Kdf internal constructor() : KdfEngine() {
+class Argon2Kdf(private val type: Type) : KdfEngine() {
+
+    init {
+        uuid = type.CIPHER_UUID
+    }

    override val defaultParameters: KdfParameters
        get() {
@@ -45,12 +50,8 @@ class Argon2Kdf internal constructor() : KdfEngine() {
    override val defaultKeyRounds: Long
        get() = DEFAULT_ITERATIONS

-    init {
-        uuid = CIPHER_UUID
-    }
-
    override fun getName(resources: Resources): String {
-        return resources.getString(R.string.kdf_Argon2)
+        return resources.getString(type.nameId)
    }

    @Throws(IOException::class)
@@ -72,7 +73,9 @@ class Argon2Kdf internal constructor() : KdfEngine() {
        val secretKey = kdfParameters.getByteArray(PARAM_SECRET_KEY)
        val assocData = kdfParameters.getByteArray(PARAM_ASSOC_DATA)

-        return Argon2Native.transformKey(masterKey,
+        return Argon2Native.transformKey(
+                type,
+                masterKey,
                salt,
                parallelism,
                memory,
@@ -141,9 +144,8 @@ class Argon2Kdf internal constructor() : KdfEngine() {
    override val maxParallelism: Long
        get() = MAX_PARALLELISM

-    companion object {
-
-        val CIPHER_UUID: UUID = bytes16ToUuid(
+    enum class Type(val CIPHER_UUID: UUID, @StringRes val nameId: Int) {
+        ARGON2_D(bytes16ToUuid(
                byteArrayOf(0xEF.toByte(),
                        0x63.toByte(),
                        0x6D.toByte(),
@@ -159,7 +161,27 @@ class Argon2Kdf internal constructor() : KdfEngine() {
                        0x03.toByte(),
                        0xE3.toByte(),
                        0x0A.toByte(),
-                        0x0C.toByte()))
+                        0x0C.toByte())), R.string.kdf_Argon2d),
+        ARGON2_ID(bytes16ToUuid(
+                byteArrayOf(0x9E.toByte(),
+                        0x29.toByte(),
+                        0x8B.toByte(),
+                        0x19.toByte(),
+                        0x56.toByte(),
+                        0xDB.toByte(),
+                        0x47.toByte(),
+                        0x73.toByte(),
+                        0xB2.toByte(),
+                        0x3D.toByte(),
+                        0xFC.toByte(),
+                        0x3E.toByte(),
+                        0xC6.toByte(),
+                        0xF0.toByte(),
+                        0xA1.toByte(),
+                        0xE6.toByte())), R.string.kdf_Argon2id);
+    }
+
+    companion object {

        private const val PARAM_SALT = "S" // byte[]
        private const val PARAM_PARALLELISM = "P" // UInt32
--- a/app/src/main/java/com/kunzisoft/keepass/crypto/keyDerivation/Argon2Native.java
+++ b/app/src/main/java/com/kunzisoft/keepass/crypto/keyDerivation/Argon2Native.java
@@ -26,12 +26,29 @@ import java.io.IOException;

 public class Argon2Native {

-    public static byte[] transformKey(byte[] password, byte[] salt, UnsignedInt parallelism,
+    enum CType {
+        ARGON2_D(0),
+        ARGON2_I(1),
+        ARGON2_ID(2);
+
+        int cValue = 0;
+
+        CType(int i) {
+            cValue = i;
+        }
+    }
+
+    public static byte[] transformKey(Argon2Kdf.Type type, byte[] password, byte[] salt, UnsignedInt parallelism,
                                      UnsignedInt memory, UnsignedInt iterations, byte[] secretKey,
                                      byte[] associatedData, UnsignedInt version) throws IOException {
        NativeLib.INSTANCE.init();

+        CType cType = CType.ARGON2_D;
+        if (type.equals(Argon2Kdf.Type.ARGON2_ID))
+            cType = CType.ARGON2_ID;
+
        return nTransformMasterKey(
+                cType.cValue,
                password,
                salt,
                parallelism.toKotlinInt(),
@@ -42,7 +59,7 @@ public class Argon2Native {
                version.toKotlinInt());
    }

-    private static native byte[] nTransformMasterKey(byte[] password, byte[] salt, int parallelism,
+    private static native byte[] nTransformMasterKey(int type, byte[] password, byte[] salt, int parallelism,
                                              int memory, int iterations, byte[] secretKey,
                                              byte[] associatedData, int version) throws IOException;
 }
--- a/app/src/main/java/com/kunzisoft/keepass/crypto/keyDerivation/KdfFactory.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/crypto/keyDerivation/KdfFactory.kt
@@ -21,5 +21,6 @@ package com.kunzisoft.keepass.crypto.keyDerivation

 object KdfFactory {
    var aesKdf = AesKdf()
-    var argon2Kdf = Argon2Kdf()
+    var argon2dKdf = Argon2Kdf(Argon2Kdf.Type.ARGON2_D)
+    var argon2idKdf = Argon2Kdf(Argon2Kdf.Type.ARGON2_ID)
 }
--- a/app/src/main/java/com/kunzisoft/keepass/database/action/CreateDatabaseRunnable.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/action/CreateDatabaseRunnable.kt
@@ -26,7 +26,6 @@ import com.kunzisoft.keepass.app.database.FileDatabaseHistoryAction
 import com.kunzisoft.keepass.database.element.Database
 import com.kunzisoft.keepass.settings.PreferencesUtil
 import com.kunzisoft.keepass.utils.UriUtil
-import com.kunzisoft.keepass.utils.closeDatabase

 class CreateDatabaseRunnable(context: Context,
                             private val mDatabase: Database,
@@ -47,7 +46,7 @@ class CreateDatabaseRunnable(context: Context,
                createData(mDatabaseUri, databaseName, rootName)
            }
        } catch (e: Exception) {
-            mDatabase.closeAndClear(UriUtil.getBinaryDir(context))
+            mDatabase.clearAndClose(UriUtil.getBinaryDir(context))
            setError(e)
        }

--- a/app/src/main/java/com/kunzisoft/keepass/database/action/LoadDatabaseRunnable.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/action/LoadDatabaseRunnable.kt
@@ -31,7 +31,6 @@ import com.kunzisoft.keepass.settings.PreferencesUtil
 import com.kunzisoft.keepass.tasks.ActionRunnable
 import com.kunzisoft.keepass.tasks.ProgressTaskUpdater
 import com.kunzisoft.keepass.utils.UriUtil
-import com.kunzisoft.keepass.utils.closeDatabase

 class LoadDatabaseRunnable(private val context: Context,
                           private val mDatabase: Database,
@@ -47,7 +46,7 @@ class LoadDatabaseRunnable(private val context: Context,

    override fun onStartRun() {
        // Clear before we load
-        mDatabase.closeAndClear(UriUtil.getBinaryDir(context))
+        mDatabase.clearAndClose(UriUtil.getBinaryDir(context))
    }

    override fun onActionRun() {
@@ -59,9 +58,6 @@ class LoadDatabaseRunnable(private val context: Context,
                    mFixDuplicateUUID,
                    progressTaskUpdater)
        }
-        catch (e: DuplicateUuidDatabaseException) {
-            setError(e)
-        }
        catch (e: LoadDatabaseException) {
            setError(e)
        }
@@ -83,7 +79,7 @@ class LoadDatabaseRunnable(private val context: Context,
            // Register the current time to init the lock timer
            PreferencesUtil.saveCurrentTime(context)
        } else {
-            mDatabase.closeAndClear(UriUtil.getBinaryDir(context))
+            mDatabase.clearAndClose(UriUtil.getBinaryDir(context))
        }
    }

--- a/app/src/main/java/com/kunzisoft/keepass/database/action/ProgressDatabaseTaskProvider.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/action/ProgressDatabaseTaskProvider.kt
@@ -26,6 +26,8 @@ import android.net.Uri
 import android.os.Bundle
 import android.os.IBinder
 import androidx.fragment.app.FragmentActivity
+import com.kunzisoft.keepass.activities.dialogs.DatabaseChangedDialogFragment
+import com.kunzisoft.keepass.activities.dialogs.DatabaseChangedDialogFragment.Companion.DATABASE_CHANGED_DIALOG_TAG
 import com.kunzisoft.keepass.app.database.CipherDatabaseEntity
 import com.kunzisoft.keepass.crypto.keyDerivation.KdfEngine
 import com.kunzisoft.keepass.database.element.Entry
@@ -35,6 +37,7 @@ import com.kunzisoft.keepass.database.element.node.Node
 import com.kunzisoft.keepass.database.element.node.NodeId
 import com.kunzisoft.keepass.database.element.node.Type
 import com.kunzisoft.keepass.database.element.security.EncryptionAlgorithm
+import com.kunzisoft.keepass.model.SnapFileDatabaseInfo
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_ASSIGN_PASSWORD_TASK
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_COPY_NODES_TASK
@@ -44,6 +47,7 @@ import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Compa
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_DELETE_ENTRY_HISTORY
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_DELETE_NODES_TASK
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_LOAD_TASK
+import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_RELOAD_TASK
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_MOVE_NODES_TASK
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_REMOVE_UNLINKED_DATA_TASK
 import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService.Companion.ACTION_DATABASE_RESTORE_ENTRY_HISTORY
@@ -84,6 +88,7 @@ class ProgressDatabaseTaskProvider(private val activity: FragmentActivity) {
    private var serviceConnection: ServiceConnection? = null

    private var progressTaskDialogFragment: ProgressTaskDialogFragment? = null
+    private var databaseChangedDialogFragment: DatabaseChangedDialogFragment? = null

    private val actionTaskListener = object: DatabaseTaskNotificationService.ActionTaskListener {
        override fun onStartAction(titleId: Int?, messageId: Int?, warningId: Int?) {
@@ -101,6 +106,28 @@ class ProgressDatabaseTaskProvider(private val activity: FragmentActivity) {
        }
    }

+    private val mActionDatabaseListener = object: DatabaseChangedDialogFragment.ActionDatabaseChangedListener {
+        override fun validateDatabaseChanged() {
+            mBinder?.getService()?.saveDatabaseInfo()
+        }
+    }
+
+    private var databaseInfoListener = object: DatabaseTaskNotificationService.DatabaseInfoListener {
+        override fun onDatabaseInfoChanged(previousDatabaseInfo: SnapFileDatabaseInfo,
+                                           newDatabaseInfo: SnapFileDatabaseInfo) {
+            if (databaseChangedDialogFragment == null) {
+                databaseChangedDialogFragment = activity.supportFragmentManager
+                        .findFragmentByTag(DATABASE_CHANGED_DIALOG_TAG) as DatabaseChangedDialogFragment?
+                databaseChangedDialogFragment?.actionDatabaseListener = mActionDatabaseListener
+            }
+            if (progressTaskDialogFragment == null) {
+                databaseChangedDialogFragment = DatabaseChangedDialogFragment.getInstance(previousDatabaseInfo, newDatabaseInfo)
+                databaseChangedDialogFragment?.actionDatabaseListener = mActionDatabaseListener
+                databaseChangedDialogFragment?.show(activity.supportFragmentManager, DATABASE_CHANGED_DIALOG_TAG)
+            }
+        }
+    }
+
    private fun startDialog(titleId: Int? = null,
                            messageId: Int? = null,
                            warningId: Int? = null) {
@@ -140,11 +167,14 @@ class ProgressDatabaseTaskProvider(private val activity: FragmentActivity) {
                override fun onServiceConnected(name: ComponentName?, serviceBinder: IBinder?) {
                    mBinder = (serviceBinder as DatabaseTaskNotificationService.ActionTaskBinder?)?.apply {
                        addActionTaskListener(actionTaskListener)
+                        addDatabaseFileInfoListener(databaseInfoListener)
                        getService().checkAction()
+                        getService().checkDatabaseInfo()
                    }
                }

                override fun onServiceDisconnected(name: ComponentName?) {
+                    mBinder?.removeDatabaseFileInfoListener(databaseInfoListener)
                    mBinder?.removeActionTaskListener(actionTaskListener)
                    mBinder = null
                }
@@ -206,6 +236,7 @@ class ProgressDatabaseTaskProvider(private val activity: FragmentActivity) {
    fun unregisterProgressTask() {
        stopDialog()

+        mBinder?.removeDatabaseFileInfoListener(databaseInfoListener)
        mBinder?.removeActionTaskListener(actionTaskListener)
        mBinder = null

@@ -264,6 +295,13 @@ class ProgressDatabaseTaskProvider(private val activity: FragmentActivity) {
                , ACTION_DATABASE_LOAD_TASK)
    }

+    fun startDatabaseReload(fixDuplicateUuid: Boolean) {
+        start(Bundle().apply {
+            putBoolean(DatabaseTaskNotificationService.FIX_DUPLICATE_UUID_KEY, fixDuplicateUuid)
+        }
+                , ACTION_DATABASE_RELOAD_TASK)
+    }
+
    fun startDatabaseAssignPassword(databaseUri: Uri,
                                    masterPasswordChecked: Boolean,
                                    masterPassword: String?,
--- a/app/src/main/java/com/kunzisoft/keepass/database/action/ReloadDatabaseRunnable.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/action/ReloadDatabaseRunnable.kt
@@ -0,0 +1,63 @@
+/*
+ * Copyright 2019 Jeremy Jamet / Kunzisoft.
+ *     
+ * This file is part of KeePassDX.
+ *
+ *  KeePassDX is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  KeePassDX is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with KeePassDX.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+package com.kunzisoft.keepass.database.action
+
+import android.content.Context
+import com.kunzisoft.keepass.database.element.Database
+import com.kunzisoft.keepass.database.exception.DuplicateUuidDatabaseException
+import com.kunzisoft.keepass.database.exception.LoadDatabaseException
+import com.kunzisoft.keepass.settings.PreferencesUtil
+import com.kunzisoft.keepass.tasks.ActionRunnable
+import com.kunzisoft.keepass.tasks.ProgressTaskUpdater
+import com.kunzisoft.keepass.utils.UriUtil
+
+class ReloadDatabaseRunnable(private val context: Context,
+                             private val mDatabase: Database,
+                             private val progressTaskUpdater: ProgressTaskUpdater?,
+                             private val mLoadDatabaseResult: ((Result) -> Unit)?)
+    : ActionRunnable() {
+
+    override fun onStartRun() {
+        // Clear before we load
+        mDatabase.clear(UriUtil.getBinaryDir(context))
+    }
+
+    override fun onActionRun() {
+        try {
+            mDatabase.reloadData(context.contentResolver,
+                    UriUtil.getBinaryDir(context),
+                    progressTaskUpdater)
+        }
+        catch (e: LoadDatabaseException) {
+            setError(e)
+        }
+
+        if (result.isSuccess) {
+            // Register the current time to init the lock timer
+            PreferencesUtil.saveCurrentTime(context)
+        } else {
+            mDatabase.clearAndClose(UriUtil.getBinaryDir(context))
+        }
+    }
+
+    override fun onFinishRun() {
+        mLoadDatabaseResult?.invoke(result)
+    }
+}
--- a/app/src/main/java/com/kunzisoft/keepass/database/element/Database.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/element/Database.kt
@@ -31,10 +31,7 @@ import com.kunzisoft.keepass.database.element.node.NodeId
 import com.kunzisoft.keepass.database.element.node.NodeIdInt
 import com.kunzisoft.keepass.database.element.node.NodeIdUUID
 import com.kunzisoft.keepass.database.element.security.EncryptionAlgorithm
-import com.kunzisoft.keepass.database.exception.DatabaseOutputException
-import com.kunzisoft.keepass.database.exception.FileNotFoundDatabaseException
-import com.kunzisoft.keepass.database.exception.LoadDatabaseException
-import com.kunzisoft.keepass.database.exception.SignatureDatabaseException
+import com.kunzisoft.keepass.database.exception.*
 import com.kunzisoft.keepass.database.file.DatabaseHeaderKDB
 import com.kunzisoft.keepass.database.file.DatabaseHeaderKDBX
 import com.kunzisoft.keepass.database.file.input.DatabaseInputKDB
@@ -330,29 +327,11 @@ class Database {
    }

    @Throws(LoadDatabaseException::class)
-    fun loadData(uri: Uri, password: String?, keyfile: Uri?,
-                 readOnly: Boolean,
-                 contentResolver: ContentResolver,
-                 cacheDirectory: File,
-                 fixDuplicateUUID: Boolean,
-                 progressTaskUpdater: ProgressTaskUpdater?) {
-
-        this.fileUri = uri
-        isReadOnly = readOnly
-        if (uri.scheme == "file") {
-            val file = File(uri.path!!)
-            isReadOnly = !file.canWrite()
-        }
-
-        // Pass KeyFile Uri as InputStreams
+    private fun readDatabaseStream(contentResolver: ContentResolver, uri: Uri,
+                                   openDatabaseKDB: (InputStream) -> DatabaseKDB,
+                                   openDatabaseKDBX: (InputStream) -> DatabaseKDBX) {
        var databaseInputStream: InputStream? = null
-        var keyFileInputStream: InputStream? = null
        try {
-            // Get keyFile inputStream
-            keyfile?.let {
-                keyFileInputStream = UriUtil.getUriInputStream(contentResolver, keyfile)
-            }
-
            // Load Data, pass Uris as InputStreams
            val databaseStream = UriUtil.getUriInputStream(contentResolver, uri)
                    ?: throw IOException("Database input stream cannot be retrieve")
@@ -374,22 +353,10 @@ class Database {

            when {
                // Header of database KDB
-                DatabaseHeaderKDB.matchesHeader(sig1, sig2) -> setDatabaseKDB(DatabaseInputKDB(
-                        cacheDirectory,
-                        fixDuplicateUUID)
-                        .openDatabase(databaseInputStream,
-                                password,
-                                keyFileInputStream,
-                                progressTaskUpdater))
+                DatabaseHeaderKDB.matchesHeader(sig1, sig2) -> setDatabaseKDB(openDatabaseKDB(databaseInputStream))

                // Header of database KDBX
-                DatabaseHeaderKDBX.matchesHeader(sig1, sig2) -> setDatabaseKDBX(DatabaseInputKDBX(
-                        cacheDirectory,
-                        fixDuplicateUUID)
-                        .openDatabase(databaseInputStream,
-                                password,
-                                keyFileInputStream,
-                                progressTaskUpdater))
+                DatabaseHeaderKDBX.matchesHeader(sig1, sig2) -> setDatabaseKDBX(openDatabaseKDBX(databaseInputStream))

                // Header not recognized
                else -> throw SignatureDatabaseException()
@@ -397,14 +364,90 @@ class Database {

            this.mSearchHelper = SearchHelper()
            loaded = true
+        } catch (e: LoadDatabaseException) {
+            throw e
+        } finally {
+            databaseInputStream?.close()
+        }
+    }

+    @Throws(LoadDatabaseException::class)
+    fun loadData(uri: Uri, password: String?, keyfile: Uri?,
+                 readOnly: Boolean,
+                 contentResolver: ContentResolver,
+                 cacheDirectory: File,
+                 fixDuplicateUUID: Boolean,
+                 progressTaskUpdater: ProgressTaskUpdater?) {
+
+        // Save database URI
+        this.fileUri = uri
+
+        // Check if the file is writable
+        this.isReadOnly = readOnly
+
+        // Pass KeyFile Uri as InputStreams
+        var keyFileInputStream: InputStream? = null
+        try {
+            // Get keyFile inputStream
+            keyfile?.let {
+                keyFileInputStream = UriUtil.getUriInputStream(contentResolver, keyfile)
+            }
+
+            // Read database stream for the first time
+            readDatabaseStream(contentResolver, uri,
+                    { databaseInputStream ->
+                        DatabaseInputKDB(cacheDirectory)
+                                .openDatabase(databaseInputStream,
+                                        password,
+                                        keyFileInputStream,
+                                        progressTaskUpdater,
+                                        fixDuplicateUUID)
+                    },
+                    { databaseInputStream ->
+                        DatabaseInputKDBX(cacheDirectory)
+                                .openDatabase(databaseInputStream,
+                                        password,
+                                        keyFileInputStream,
+                                        progressTaskUpdater,
+                                        fixDuplicateUUID)
+                    }
+            )
+        } catch (e: FileNotFoundException) {
+            Log.e(TAG, "Unable to load keyfile", e)
+            throw FileNotFoundDatabaseException()
        } catch (e: LoadDatabaseException) {
            throw e
        } catch (e: Exception) {
-            throw FileNotFoundDatabaseException()
+            throw LoadDatabaseException(e)
        } finally {
            keyFileInputStream?.close()
-            databaseInputStream?.close()
+        }
+    }
+
+    @Throws(LoadDatabaseException::class)
+    fun reloadData(contentResolver: ContentResolver,
+                   cacheDirectory: File,
+                   progressTaskUpdater: ProgressTaskUpdater?) {
+
+        // Retrieve the stream from the old database URI
+        fileUri?.let { oldDatabaseUri ->
+            readDatabaseStream(contentResolver, oldDatabaseUri,
+                    { databaseInputStream ->
+                        DatabaseInputKDB(cacheDirectory)
+                                .openDatabase(databaseInputStream,
+                                        masterKey,
+                                        progressTaskUpdater)
+                    },
+                    { databaseInputStream ->
+                        DatabaseInputKDBX(cacheDirectory)
+                                .openDatabase(databaseInputStream,
+                                        masterKey,
+                                        progressTaskUpdater)
+                    }
+            )
+        } ?: run {
+            Log.e(TAG, "Database URI is null, database cannot be reloaded")
+            throw IODatabaseException()
        }
    }

@@ -426,11 +469,12 @@ class Database {
                                         max: Int = Integer.MAX_VALUE): Group? {
        return mSearchHelper?.createVirtualGroupWithSearchResult(this,
                searchInfoString, SearchParameters().apply {
-            searchInTitles = false
+            searchInTitles = true
            searchInUserNames = false
            searchInPasswords = false
            searchInUrls = true
            searchInNotes = true
+            searchInOTP = false
            searchInOther = true
            searchInUUIDs = false
            searchInTags = false
@@ -530,7 +574,7 @@ class Database {
        this.fileUri = uri
    }

-    fun closeAndClear(filesDirectory: File? = null) {
+    fun clear(filesDirectory: File? = null) {
        drawFactory.clearCache()
        // Delete the cache of the database if present
        mDatabaseKDB?.clearCache()
@@ -543,7 +587,10 @@ class Database {
        } catch (e: Exception) {
            Log.e(TAG, "Unable to clear the directory cache.", e)
        }
+    }

+    fun clearAndClose(filesDirectory: File? = null) {
+        clear(filesDirectory)
        this.mDatabaseKDB = null
        this.mDatabaseKDBX = null
        this.fileUri = null
--- a/app/src/main/java/com/kunzisoft/keepass/database/element/Entry.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/element/Entry.kt
@@ -411,8 +411,8 @@ class Entry : Node, EntryVersionedInterface<Group> {
     */

    /**
-     * Retrieve generated entry info,
-     * Remove parameter fields and add auto generated elements in auto custom fields
+     * Retrieve generated entry info.
+     * If are not [raw] data, remove parameter fields and add auto generated elements in auto custom fields
     */
    fun getEntryInfo(database: Database?, raw: Boolean = false): EntryInfo {
        val entryInfo = EntryInfo()
@@ -426,6 +426,8 @@ class Entry : Node, EntryVersionedInterface<Group> {
        entryInfo.icon = icon
        entryInfo.username = username
        entryInfo.password = password
+        entryInfo.creationTime = creationTime
+        entryInfo.modificationTime = lastModificationTime
        entryInfo.expires = expires
        entryInfo.expiryTime = expiryTime
        entryInfo.url = url
@@ -456,6 +458,9 @@ class Entry : Node, EntryVersionedInterface<Group> {
        icon = newEntryInfo.icon
        username = newEntryInfo.username
        password = newEntryInfo.password
+        // Update date time, creation time stay as is
+        lastModificationTime = DateInstant()
+        lastAccessTime = DateInstant()
        expires = newEntryInfo.expires
        expiryTime = newEntryInfo.expiryTime
        url = newEntryInfo.url
@@ -464,9 +469,6 @@ class Entry : Node, EntryVersionedInterface<Group> {
        database?.binaryPool?.let { binaryPool ->
            addAttachments(binaryPool, newEntryInfo.attachments)
        }
-        // Update date time
-        lastAccessTime = DateInstant()
-        lastModificationTime = DateInstant()

        database?.stopManageEntry(this)
    }
@@ -500,5 +502,12 @@ class Entry : Node, EntryVersionedInterface<Group> {
        }

        const val PMS_TAN_ENTRY = "<TAN>"
+
+        /**
+         * True if [field] name is not a standard field name
+         */
+        fun newExtraFieldNameAllowed(field: Field): Boolean {
+            return EntryKDBX.newCustomNameAllowed(field.name)
+        }
    }
 }
--- a/app/src/main/java/com/kunzisoft/keepass/database/element/database/DatabaseKDB.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/element/database/DatabaseKDB.kt
@@ -163,10 +163,6 @@ class DatabaseKDB : DatabaseVersioned<Int, UUID, GroupKDB, EntryKDB>() {
        finalKey = messageDigest.digest()
    }

-    override fun loadXmlKeyFile(keyInputStream: InputStream): ByteArray? {
-        return null
-    }
-
    override fun createGroup(): GroupKDB {
        return GroupKDB()
    }
--- a/app/src/main/java/com/kunzisoft/keepass/database/element/database/DatabaseKDBX.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/element/database/DatabaseKDBX.kt
@@ -43,10 +43,12 @@ import com.kunzisoft.keepass.database.element.security.MemoryProtectionConfig
 import com.kunzisoft.keepass.database.exception.UnknownKDF
 import com.kunzisoft.keepass.database.file.DatabaseHeaderKDBX.Companion.FILE_VERSION_32_3
 import com.kunzisoft.keepass.database.file.DatabaseHeaderKDBX.Companion.FILE_VERSION_32_4
+import com.kunzisoft.keepass.utils.StringUtil.hexStringToByteArray
+import com.kunzisoft.keepass.utils.StringUtil.removeSpaceChars
+import com.kunzisoft.keepass.utils.StringUtil.toHexString
 import com.kunzisoft.keepass.utils.UnsignedInt
 import com.kunzisoft.keepass.utils.VariantDictionary
 import org.w3c.dom.Node
-import org.w3c.dom.Text
 import java.io.File
 import java.io.IOException
 import java.io.InputStream
@@ -113,7 +115,8 @@ class DatabaseKDBX : DatabaseVersioned<UUID, UUID, GroupKDBX, EntryKDBX> {

    init {
        kdfList.add(KdfFactory.aesKdf)
-        kdfList.add(KdfFactory.argon2Kdf)
+        kdfList.add(KdfFactory.argon2dKdf)
+        kdfList.add(KdfFactory.argon2idKdf)
    }

    constructor()
@@ -179,7 +182,8 @@ class DatabaseKDBX : DatabaseVersioned<UUID, UUID, GroupKDBX, EntryKDBX> {
        when (oldCompression) {
            CompressionAlgorithm.None -> {
                when (newCompression) {
-                    CompressionAlgorithm.None -> {}
+                    CompressionAlgorithm.None -> {
+                    }
                    CompressionAlgorithm.GZip -> {
                        // Only in databaseV3.1, in databaseV4 the header is zipped during the save
                        if (kdbxVersion.toKotlinLong() < FILE_VERSION_32_4.toKotlinLong()) {
@@ -197,7 +201,8 @@ class DatabaseKDBX : DatabaseVersioned<UUID, UUID, GroupKDBX, EntryKDBX> {
                        CompressionAlgorithm.None -> {
                            decompressAllBinaries()
                        }
-                        CompressionAlgorithm.GZip -> {}
+                        CompressionAlgorithm.GZip -> {
+                        }
                    }
                }
            }
@@ -377,36 +382,79 @@ class DatabaseKDBX : DatabaseVersioned<UUID, UUID, GroupKDBX, EntryKDBX> {
            try {
                documentBuilderFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true)
            } catch (e : ParserConfigurationException) {
-                Log.e(TAG, "Unable to add FEATURE_SECURE_PROCESSING to prevent XML eXternal Entity injection (XXE)", e)
+                Log.w(TAG, "Unable to add FEATURE_SECURE_PROCESSING to prevent XML eXternal Entity injection (XXE)")
            }

            val documentBuilder = documentBuilderFactory.newDocumentBuilder()
            val doc = documentBuilder.parse(keyInputStream)

+            var xmlKeyFileVersion = 1F
+
            val docElement = doc.documentElement
-            if (docElement == null || !docElement.nodeName.equals(RootElementName, ignoreCase = true)) {
+            val keyFileChildNodes = docElement.childNodes
+            // <KeyFile> Root node
+            if (docElement == null
+                    || !docElement.nodeName.equals(XML_NODE_ROOT_NAME, ignoreCase = true)) {
                return null
            }
-
-            val children = docElement.childNodes
-            if (children.length < 2) {
+            if (keyFileChildNodes.length < 2)
                return null
-            }
-
-            for (i in 0 until children.length) {
-                val child = children.item(i)
-
-                if (child.nodeName.equals(KeyElementName, ignoreCase = true)) {
-                    val keyChildren = child.childNodes
-                    for (j in 0 until keyChildren.length) {
-                        val keyChild = keyChildren.item(j)
-                        if (keyChild.nodeName.equals(KeyDataElementName, ignoreCase = true)) {
-                            val children2 = keyChild.childNodes
-                            for (k in 0 until children2.length) {
-                                val text = children2.item(k)
-                                if (text.nodeType == Node.TEXT_NODE) {
-                                    val txt = text as Text
-                                    return Base64.decode(txt.nodeValue, BASE_64_FLAG)
+            for (keyFileChildPosition in 0 until keyFileChildNodes.length) {
+                val keyFileChildNode = keyFileChildNodes.item(keyFileChildPosition)
+                // <Meta>
+                if (keyFileChildNode.nodeName.equals(XML_NODE_META_NAME, ignoreCase = true)) {
+                    val metaChildNodes = keyFileChildNode.childNodes
+                    for (metaChildPosition in 0 until metaChildNodes.length) {
+                        val metaChildNode = metaChildNodes.item(metaChildPosition)
+                        // <Version>
+                        if (metaChildNode.nodeName.equals(XML_NODE_VERSION_NAME, ignoreCase = true)) {
+                            val versionChildNodes = metaChildNode.childNodes
+                            for (versionChildPosition in 0 until versionChildNodes.length) {
+                                val versionChildNode = versionChildNodes.item(versionChildPosition)
+                                if (versionChildNode.nodeType == Node.TEXT_NODE) {
+                                    val versionText = versionChildNode.textContent.removeSpaceChars()
+                                    try {
+                                        xmlKeyFileVersion = versionText.toFloat()
+                                        Log.i(TAG, "Reading XML KeyFile version : $xmlKeyFileVersion")
+                                    } catch (e: Exception) {
+                                        Log.e(TAG, "XML Keyfile version cannot be read : $versionText")
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+                // <Key>
+                if (keyFileChildNode.nodeName.equals(XML_NODE_KEY_NAME, ignoreCase = true)) {
+                    val keyChildNodes = keyFileChildNode.childNodes
+                    for (keyChildPosition in 0 until keyChildNodes.length) {
+                        val keyChildNode = keyChildNodes.item(keyChildPosition)
+                        // <Data>
+                        if (keyChildNode.nodeName.equals(XML_NODE_DATA_NAME, ignoreCase = true)) {
+                            var hashString : String? = null
+                            if (keyChildNode.hasAttributes()) {
+                                val dataNodeAttributes = keyChildNode.attributes
+                                hashString = dataNodeAttributes
+                                        .getNamedItem(XML_ATTRIBUTE_DATA_HASH).nodeValue
+                            }
+                            val dataChildNodes = keyChildNode.childNodes
+                            for (dataChildPosition in 0 until dataChildNodes.length) {
+                                val dataChildNode = dataChildNodes.item(dataChildPosition)
+                                if (dataChildNode.nodeType == Node.TEXT_NODE) {
+                                    val dataString = dataChildNode.textContent.removeSpaceChars()
+                                    when (xmlKeyFileVersion) {
+                                        1F -> {
+                                            // No hash in KeyFile XML version 1
+                                        }
+                                        2F -> {
+                                            if (hashString != null
+                                                    && checkKeyFileHash(dataString, hashString))
+                                                Log.i(TAG, "Successful key file hash check.")
+                                            else
+                                                Log.e(TAG, "Unable to check the hash of the key file.")
+                                        }
+                                    }
+                                    return Base64.decode(dataString, BASE_64_FLAG)
                                }
                            }
                        }
@@ -416,10 +464,26 @@ class DatabaseKDBX : DatabaseVersioned<UUID, UUID, GroupKDBX, EntryKDBX> {
        } catch (e: Exception) {
            return null
        }
-
        return null
    }

+    private fun checkKeyFileHash(data: String, hash: String): Boolean {
+        val digest: MessageDigest?
+        var success = false
+        try {
+            digest = MessageDigest.getInstance("SHA-256")
+            digest?.reset()
+            // hexadecimal encoding of the first 4 bytes of the SHA-256 hash of the key.
+            val dataDigest = digest.digest(data.hexStringToByteArray())
+                    .copyOfRange(0, 4)
+                    .toHexString()
+            success = dataDigest == hash
+        } catch (e: NoSuchAlgorithmException) {
+            e.printStackTrace()
+        }
+        return success
+    }
+
    override fun newGroupId(): NodeIdUUID {
        var newId: NodeIdUUID
        do {
@@ -633,11 +697,12 @@ class DatabaseKDBX : DatabaseVersioned<UUID, UUID, GroupKDBX, EntryKDBX> {
        private const val DEFAULT_HISTORY_MAX_ITEMS = 10 // -1 unlimited
        private const val DEFAULT_HISTORY_MAX_SIZE = (6 * 1024 * 1024).toLong() // -1 unlimited

-        private const val RootElementName = "KeyFile"
-        //private const val MetaElementName = "Meta";
-        //private const val VersionElementName = "Version";
-        private const val KeyElementName = "Key"
-        private const val KeyDataElementName = "Data"
+        private const val XML_NODE_ROOT_NAME = "KeyFile"
+        private const val XML_NODE_META_NAME = "Meta";
+        private const val XML_NODE_VERSION_NAME = "Version";
+        private const val XML_NODE_KEY_NAME = "Key"
+        private const val XML_NODE_DATA_NAME = "Data"
+        private const val XML_ATTRIBUTE_DATA_HASH = "Hash"

        const val BASE_64_FLAG = Base64.NO_WRAP

--- a/app/src/main/java/com/kunzisoft/keepass/database/element/database/DatabaseVersioned.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/element/database/DatabaseVersioned.kt
@@ -27,7 +27,10 @@ import com.kunzisoft.keepass.database.element.node.NodeId
 import com.kunzisoft.keepass.database.element.node.Type
 import com.kunzisoft.keepass.database.element.security.EncryptionAlgorithm
 import com.kunzisoft.keepass.database.exception.DuplicateUuidDatabaseException
-import java.io.*
+import java.io.ByteArrayInputStream
+import java.io.IOException
+import java.io.InputStream
+import java.io.UnsupportedEncodingException
 import java.security.MessageDigest
 import java.security.NoSuchAlgorithmException
 import java.util.*
@@ -124,42 +127,30 @@ abstract class DatabaseVersioned<
    @Throws(IOException::class)
    protected fun getFileKey(keyInputStream: InputStream): ByteArray {

-        val keyByteArrayOutputStream = ByteArrayOutputStream()
-        keyInputStream.copyTo(keyByteArrayOutputStream)
-        val keyData = keyByteArrayOutputStream.toByteArray()
+        val keyData = keyInputStream.readBytes()

-        val keyByteArrayInputStream = ByteArrayInputStream(keyData)
-        val key = loadXmlKeyFile(keyByteArrayInputStream)
-        if (key != null) {
-            return key
+        // Check 32 bits key file
+        if (keyData.size == 32) {
+            return keyData
        }

-        when (keyData.size.toLong()) {
-            32L -> return keyData
-            64L -> try {
-                return hexStringToByteArray(String(keyData))
-            } catch (e: IndexOutOfBoundsException) {
-                // Key is not base 64, treat it as binary data
-            }
+        // Check XML key file
+        val xmlKeyByteArray = loadXmlKeyFile(ByteArrayInputStream(keyData))
+        if (xmlKeyByteArray != null) {
+            return xmlKeyByteArray
        }

-        val messageDigest: MessageDigest
+        // Hash file as binary data
        try {
-            messageDigest = MessageDigest.getInstance("SHA-256")
+            return MessageDigest.getInstance("SHA-256").digest(keyData)
        } catch (e: NoSuchAlgorithmException) {
            throw IOException("SHA-256 not supported")
        }
-
-        try {
-            messageDigest.update(keyData)
-        } catch (e: Exception) {
-            println(e.toString())
-        }
-
-        return messageDigest.digest()
    }

-    protected abstract fun loadXmlKeyFile(keyInputStream: InputStream): ByteArray?
+    protected open fun loadXmlKeyFile(keyInputStream: InputStream): ByteArray? {
+        return null
+    }

    open fun validatePasswordEncoding(password: String?, containsKeyFile: Boolean): Boolean {
        if (password == null && !containsKeyFile)
@@ -391,16 +382,5 @@ abstract class DatabaseVersioned<
        private const val TAG = "DatabaseVersioned"

        val UUID_ZERO = UUID(0, 0)
-
-        fun hexStringToByteArray(s: String): ByteArray {
-            val len = s.length
-            val data = ByteArray(len / 2)
-            var i = 0
-            while (i < len) {
-                data[i / 2] = ((Character.digit(s[i], 16) shl 4) + Character.digit(s[i + 1], 16)).toByte()
-                i += 2
-            }
-            return data
-        }
    }
 }
--- a/app/src/main/java/com/kunzisoft/keepass/database/element/entry/EntryKDBX.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/element/entry/EntryKDBX.kt
@@ -369,6 +369,14 @@ class EntryKDBX : EntryVersioned<UUID, UUID, GroupKDBX, EntryKDBX>, NodeKDBXInte
        const val STR_URL = "URL"
        const val STR_NOTES = "Notes"

+        fun newCustomNameAllowed(name: String): Boolean {
+            return !(name.equals(STR_TITLE, true)
+                    || name.equals(STR_USERNAME, true)
+                    || name.equals(STR_PASSWORD, true)
+                    || name.equals(STR_URL, true)
+                    || name.equals(STR_NOTES, true))
+        }
+
        @JvmField
        val CREATOR: Parcelable.Creator<EntryKDBX> = object : Parcelable.Creator<EntryKDBX> {
            override fun createFromParcel(parcel: Parcel): EntryKDBX {
--- a/app/src/main/java/com/kunzisoft/keepass/database/exception/DatabaseException.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/exception/DatabaseException.kt
@@ -43,20 +43,12 @@ abstract class DatabaseException : Exception {
 }

 open class LoadDatabaseException : DatabaseException {
-
    @StringRes
    override var errorId: Int = R.string.error_load_database
    constructor() : super()
    constructor(throwable: Throwable) : super(throwable)
 }

-class ArcFourDatabaseException : LoadDatabaseException {
-    @StringRes
-    override var errorId: Int = R.string.error_arc4
-    constructor() : super()
-    constructor(exception: Throwable) : super(exception)
-}
-
 class FileNotFoundDatabaseException : LoadDatabaseException {
    @StringRes
    override var errorId: Int = R.string.file_not_found_content
@@ -67,7 +59,6 @@ class FileNotFoundDatabaseException : LoadDatabaseException {
 class InvalidAlgorithmDatabaseException : LoadDatabaseException {
    @StringRes
    override var errorId: Int = R.string.invalid_algorithm
-
    constructor() : super()
    constructor(exception: Throwable) : super(exception)
 }
--- a/app/src/main/java/com/kunzisoft/keepass/database/file/input/DatabaseInput.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/file/input/DatabaseInput.kt
@@ -41,6 +41,13 @@ abstract class DatabaseInput<PwDb : DatabaseVersioned<*, *, *, *>>
    abstract fun openDatabase(databaseInputStream: InputStream,
                              password: String?,
                              keyInputStream: InputStream?,
-                              progressTaskUpdater: ProgressTaskUpdater?): PwDb
+                              progressTaskUpdater: ProgressTaskUpdater?,
+                              fixDuplicateUUID: Boolean = false): PwDb

+
+    @Throws(LoadDatabaseException::class)
+    abstract fun openDatabase(databaseInputStream: InputStream,
+                              masterKey: ByteArray,
+                              progressTaskUpdater: ProgressTaskUpdater?,
+                              fixDuplicateUUID: Boolean = false): PwDb
 }
--- a/app/src/main/java/com/kunzisoft/keepass/database/file/input/DatabaseInputKDB.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/file/input/DatabaseInputKDB.kt
@@ -45,8 +45,7 @@ import javax.crypto.spec.SecretKeySpec
 /**
 * Load a KDB database file.
 */
-class DatabaseInputKDB(cacheDirectory: File,
-                        private val fixDuplicateUUID: Boolean = false)
+class DatabaseInputKDB(cacheDirectory: File)
    : DatabaseInput<DatabaseKDB>(cacheDirectory) {

    private lateinit var mDatabaseToOpen: DatabaseKDB
@@ -55,7 +54,28 @@ class DatabaseInputKDB(cacheDirectory: File,
    override fun openDatabase(databaseInputStream: InputStream,
                              password: String?,
                              keyInputStream: InputStream?,
-                              progressTaskUpdater: ProgressTaskUpdater?): DatabaseKDB {
+                              progressTaskUpdater: ProgressTaskUpdater?,
+                              fixDuplicateUUID: Boolean): DatabaseKDB {
+        return openDatabase(databaseInputStream, progressTaskUpdater, fixDuplicateUUID) {
+            mDatabaseToOpen.retrieveMasterKey(password, keyInputStream)
+        }
+    }
+
+    @Throws(LoadDatabaseException::class)
+    override fun openDatabase(databaseInputStream: InputStream,
+                              masterKey: ByteArray,
+                              progressTaskUpdater: ProgressTaskUpdater?,
+                              fixDuplicateUUID: Boolean): DatabaseKDB {
+        return openDatabase(databaseInputStream, progressTaskUpdater, fixDuplicateUUID) {
+            mDatabaseToOpen.masterKey = masterKey
+        }
+    }
+
+    @Throws(LoadDatabaseException::class)
+    private fun openDatabase(databaseInputStream: InputStream,
+                             progressTaskUpdater: ProgressTaskUpdater?,
+                             fixDuplicateUUID: Boolean,
+                             assignMasterKey: (() -> Unit)? = null): DatabaseKDB {

        try {
            // Load entire file, most of it's encrypted.
@@ -84,7 +104,7 @@ class DatabaseInputKDB(cacheDirectory: File,
            mDatabaseToOpen = DatabaseKDB()

            mDatabaseToOpen.changeDuplicateId = fixDuplicateUUID
-            mDatabaseToOpen.retrieveMasterKey(password, keyInputStream)
+            assignMasterKey?.invoke()

            // Select algorithm
            when {
--- a/app/src/main/java/com/kunzisoft/keepass/database/file/input/DatabaseInputKDBX.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/file/input/DatabaseInputKDBX.kt
@@ -25,9 +25,10 @@ import com.kunzisoft.keepass.R
 import com.kunzisoft.keepass.crypto.CipherFactory
 import com.kunzisoft.keepass.crypto.StreamCipherFactory
 import com.kunzisoft.keepass.crypto.engine.CipherEngine
+import com.kunzisoft.keepass.database.element.Attachment
 import com.kunzisoft.keepass.database.element.DateInstant
 import com.kunzisoft.keepass.database.element.DeletedObject
-import com.kunzisoft.keepass.database.element.Attachment
+import com.kunzisoft.keepass.database.element.database.BinaryAttachment
 import com.kunzisoft.keepass.database.element.database.CompressionAlgorithm
 import com.kunzisoft.keepass.database.element.database.DatabaseKDBX
 import com.kunzisoft.keepass.database.element.database.DatabaseKDBX.Companion.BASE_64_FLAG
@@ -37,7 +38,6 @@ import com.kunzisoft.keepass.database.element.group.GroupKDBX
 import com.kunzisoft.keepass.database.element.icon.IconImageCustom
 import com.kunzisoft.keepass.database.element.node.NodeIdUUID
 import com.kunzisoft.keepass.database.element.node.NodeKDBXInterface
-import com.kunzisoft.keepass.database.element.database.BinaryAttachment
 import com.kunzisoft.keepass.database.element.security.ProtectedString
 import com.kunzisoft.keepass.database.exception.*
 import com.kunzisoft.keepass.database.file.DatabaseHeaderKDBX
@@ -63,8 +63,7 @@ import javax.crypto.Cipher
 import javax.crypto.CipherInputStream
 import kotlin.math.min

-class DatabaseInputKDBX(cacheDirectory: File,
-                        private val fixDuplicateUUID: Boolean = false)
+class DatabaseInputKDBX(cacheDirectory: File)
    : DatabaseInput<DatabaseKDBX>(cacheDirectory) {

    private var randomStream: StreamCipher? = null
@@ -98,12 +97,30 @@ class DatabaseInputKDBX(cacheDirectory: File,
    override fun openDatabase(databaseInputStream: InputStream,
                              password: String?,
                              keyInputStream: InputStream?,
-                              progressTaskUpdater: ProgressTaskUpdater?): DatabaseKDBX {
+                              progressTaskUpdater: ProgressTaskUpdater?,
+                              fixDuplicateUUID: Boolean): DatabaseKDBX {
+        return openDatabase(databaseInputStream, progressTaskUpdater, fixDuplicateUUID) {
+            mDatabase.retrieveMasterKey(password, keyInputStream)
+        }
+    }

+    @Throws(LoadDatabaseException::class)
+    override fun openDatabase(databaseInputStream: InputStream,
+                              masterKey: ByteArray,
+                              progressTaskUpdater: ProgressTaskUpdater?,
+                              fixDuplicateUUID: Boolean): DatabaseKDBX {
+        return openDatabase(databaseInputStream, progressTaskUpdater, fixDuplicateUUID) {
+            mDatabase.masterKey = masterKey
+        }
+    }
+
+    @Throws(LoadDatabaseException::class)
+    private fun openDatabase(databaseInputStream: InputStream,
+                             progressTaskUpdater: ProgressTaskUpdater?,
+                             fixDuplicateUUID: Boolean,
+                             assignMasterKey: (() -> Unit)? = null): DatabaseKDBX {
        try {
-            // TODO performance
            progressTaskUpdater?.updateMessage(R.string.retrieving_db_key)
-
            mDatabase = DatabaseKDBX()

            mDatabase.changeDuplicateId = fixDuplicateUUID
@@ -116,9 +133,8 @@ class DatabaseInputKDBX(cacheDirectory: File,
            hashOfHeader = headerAndHash.hash
            val pbHeader = headerAndHash.header

-            mDatabase.retrieveMasterKey(password, keyInputStream)
+            assignMasterKey?.invoke()
            mDatabase.makeFinalKey(header.masterSeed)
-            // TODO performance

            progressTaskUpdater?.updateMessage(R.string.decrypting_db)
            val engine: CipherEngine
@@ -185,10 +201,10 @@ class DatabaseInputKDBX(cacheDirectory: File,
                loadInnerHeader(inputStreamXml, header)
            }

-            randomStream = StreamCipherFactory.getInstance(header.innerRandomStream, header.innerRandomStreamKey)
-
-            if (randomStream == null) {
-                throw ArcFourDatabaseException()
+            try {
+                randomStream = StreamCipherFactory.getInstance(header.innerRandomStream, header.innerRandomStreamKey)
+            } catch (e: Exception) {
+                throw LoadDatabaseException(e)
            }

            readDocumentStreamed(createPullParser(inputStreamXml))
@@ -436,8 +452,6 @@ class DatabaseInputKDBX(cacheDirectory: File,
                val strData = readString(xpp)
                if (strData.isNotEmpty()) {
                    customIconData = Base64.decode(strData, BASE_64_FLAG)
-                } else {
-                    assert(false)
                }
            } else {
                readUnknown(xpp)
@@ -958,7 +972,7 @@ class DatabaseInputKDBX(cacheDirectory: File,
                // Create empty binary if not retrieved in pool
                if (binaryRetrieve == null) {
                    binaryRetrieve = mDatabase.buildNewBinary(cacheDirectory,
-                            compression = false, protection = true, binaryPoolId = id)
+                            compression = false, protection = false, binaryPoolId = id)
                }
                return binaryRetrieve
            }
@@ -1024,29 +1038,20 @@ class DatabaseInputKDBX(cacheDirectory: File,
        return xpp.safeNextText()
    }

-    @Throws(XmlPullParserException::class, IOException::class)
-    private fun readBase64String(xpp: XmlPullParser): ByteArray {
-
-        //readNextNode = false;
-        Base64.decode(xpp.safeNextText(), BASE_64_FLAG)?.let { data ->
-            val plainText = ByteArray(data.size)
-            randomStream?.processBytes(data, 0, data.size, plainText, 0)
-            return plainText
-        }
-        return ByteArray(0)
-    }

    @Throws(XmlPullParserException::class, IOException::class)
    private fun readProtectedBase64String(xpp: XmlPullParser): ByteArray? {
-        //(xpp.getEventType() == XmlPullParser.START_TAG);
-
        if (xpp.attributeCount > 0) {
            val protect = xpp.getAttributeValue(null, DatabaseKDBXXML.AttrProtected)
            if (protect != null && protect.equals(DatabaseKDBXXML.ValTrue, ignoreCase = true)) {
-                return readBase64String(xpp)
+                Base64.decode(xpp.safeNextText(), BASE_64_FLAG)?.let { data ->
+                    val plainText = ByteArray(data.size)
+                    randomStream?.processBytes(data, 0, data.size, plainText, 0)
+                    return plainText
+                }
+                return ByteArray(0)
            }
        }
-
        return null
    }

--- a/app/src/main/java/com/kunzisoft/keepass/database/file/output/DatabaseHeaderOutput.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/file/output/DatabaseHeaderOutput.kt
@@ -1,25 +0,0 @@
-/*
- * Copyright 2019 Jeremy Jamet / Kunzisoft.
- *     
- * This file is part of KeePassDX.
- *
- *  KeePassDX is free software: you can redistribute it and/or modify
- *  it under the terms of the GNU General Public License as published by
- *  the Free Software Foundation, either version 3 of the License, or
- *  (at your option) any later version.
- *
- *  KeePassDX is distributed in the hope that it will be useful,
- *  but WITHOUT ANY WARRANTY; without even the implied warranty of
- *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- *  GNU General Public License for more details.
- *
- *  You should have received a copy of the GNU General Public License
- *  along with KeePassDX.  If not, see <http://www.gnu.org/licenses/>.
- *
- */
-package com.kunzisoft.keepass.database.file.output
-
-open class DatabaseHeaderOutput {
-    var hashOfHeader: ByteArray? = null
-        protected set
-}
--- a/app/src/main/java/com/kunzisoft/keepass/database/file/output/DatabaseHeaderOutputKDBX.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/file/output/DatabaseHeaderOutputKDBX.kt
@@ -40,13 +40,16 @@ import javax.crypto.spec.SecretKeySpec
 class DatabaseHeaderOutputKDBX @Throws(DatabaseOutputException::class)
 constructor(private val databaseKDBX: DatabaseKDBX,
            private val header: DatabaseHeaderKDBX,
-            outputStream: OutputStream) : DatabaseHeaderOutput() {
+            outputStream: OutputStream) {

    private val los: LittleEndianDataOutputStream
    private val mos: MacOutputStream
    private val dos: DigestOutputStream
    lateinit var headerHmac: ByteArray

+    var hashOfHeader: ByteArray? = null
+        private set
+
    init {

        val md: MessageDigest
--- a/app/src/main/java/com/kunzisoft/keepass/database/file/output/DatabaseInnerHeaderOutputKDBX.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/file/output/DatabaseInnerHeaderOutputKDBX.kt
@@ -1,76 +0,0 @@
-/*
- * Copyright 2019 Jeremy Jamet / Kunzisoft.
- *
- * This file is part of KeePassDX.
- *
- *  KeePassDroid is free software: you can redistribute it and/or modify
- *  it under the terms of the GNU General Public License as published by
- *  the Free Software Foundation, either version 3 of the License, or
- *  (at your option) any later version.
- *
- *  KeePassDroid is distributed in the hope that it will be useful,
- *  but WITHOUT ANY WARRANTY; without even the implied warranty of
- *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- *  GNU General Public License for more details.
- *
- *  You should have received a copy of the GNU General Public License
- *  along with KeePassDroid.  If not, see <http://www.gnu.org/licenses/>.
- *
- */
-package com.kunzisoft.keepass.database.file.output
-
-import com.kunzisoft.keepass.database.element.database.DatabaseKDBX
-import com.kunzisoft.keepass.database.element.database.DatabaseKDBX.Companion.BUFFER_SIZE_BYTES
-import com.kunzisoft.keepass.database.file.DatabaseHeaderKDBX
-import com.kunzisoft.keepass.stream.LittleEndianDataOutputStream
-import com.kunzisoft.keepass.stream.readBytes
-import com.kunzisoft.keepass.utils.UnsignedInt
-import java.io.IOException
-import java.io.OutputStream
-import kotlin.experimental.or
-
-class DatabaseInnerHeaderOutputKDBX(private val database: DatabaseKDBX,
-                                    private val header: DatabaseHeaderKDBX,
-                                    outputStream: OutputStream) {
-
-    private val dataOutputStream: LittleEndianDataOutputStream = LittleEndianDataOutputStream(outputStream)
-
-    @Throws(IOException::class)
-    fun output() {
-        dataOutputStream.writeByte(DatabaseHeaderKDBX.PwDbInnerHeaderV4Fields.InnerRandomStreamID)
-        dataOutputStream.writeInt(4)
-        if (header.innerRandomStream == null)
-            throw IOException("Can't write innerRandomStream")
-        dataOutputStream.writeUInt(header.innerRandomStream!!.id)
-
-        val streamKeySize = header.innerRandomStreamKey.size
-        dataOutputStream.writeByte(DatabaseHeaderKDBX.PwDbInnerHeaderV4Fields.InnerRandomstreamKey)
-        dataOutputStream.writeInt(streamKeySize)
-        dataOutputStream.write(header.innerRandomStreamKey)
-
-        database.binaryPool.doForEachOrderedBinary { _, keyBinary ->
-            val protectedBinary = keyBinary.binary
-            // Force decompression to add binary in header
-            protectedBinary.decompress()
-            // Write type binary
-            dataOutputStream.writeByte(DatabaseHeaderKDBX.PwDbInnerHeaderV4Fields.Binary)
-            // Write size
-            dataOutputStream.writeUInt(UnsignedInt.fromKotlinLong(protectedBinary.length() + 1))
-            // Write protected flag
-            var flag = DatabaseHeaderKDBX.KdbxBinaryFlags.None
-            if (protectedBinary.isProtected) {
-                flag = flag or DatabaseHeaderKDBX.KdbxBinaryFlags.Protected
-            }
-            dataOutputStream.writeByte(flag)
-
-            protectedBinary.getInputDataStream().use { inputStream ->
-                inputStream.readBytes(BUFFER_SIZE_BYTES) { buffer ->
-                    dataOutputStream.write(buffer)
-                }
-            }
-        }
-
-        dataOutputStream.writeByte(DatabaseHeaderKDBX.PwDbInnerHeaderV4Fields.EndOfHeader)
-        dataOutputStream.writeInt(0)
-    }
-}
--- a/app/src/main/java/com/kunzisoft/keepass/database/file/output/DatabaseOutput.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/file/output/DatabaseOutput.kt
@@ -26,7 +26,7 @@ import java.io.OutputStream
 import java.security.NoSuchAlgorithmException
 import java.security.SecureRandom

-abstract class DatabaseOutput<Header : DatabaseHeader> protected constructor(protected var mOS: OutputStream) {
+abstract class DatabaseOutput<Header : DatabaseHeader> protected constructor(protected var mOutputStream: OutputStream) {

    @Throws(DatabaseOutputException::class)
    protected open fun setIVs(header: Header): SecureRandom {
--- a/app/src/main/java/com/kunzisoft/keepass/database/file/output/DatabaseOutputKDB.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/file/output/DatabaseOutputKDB.kt
@@ -63,7 +63,7 @@ class DatabaseOutputKDB(private val mDatabaseKDB: DatabaseKDB,
        // and remove any orphaned nodes that are no longer part of the tree hierarchy
        sortGroupsForOutput()

-        val header = outputHeader(mOS)
+        val header = outputHeader(mOutputStream)

        val finalKey = getFinalKey(header)

@@ -85,7 +85,7 @@ class DatabaseOutputKDB(private val mDatabaseKDB: DatabaseKDB,
            cipher.init(Cipher.ENCRYPT_MODE,
                    SecretKeySpec(finalKey, "AES"),
                    IvParameterSpec(header.encryptionIV))
-            val cos = CipherOutputStream(mOS, cipher)
+            val cos = CipherOutputStream(mOutputStream, cipher)
            val bos = BufferedOutputStream(cos)
            outputPlanGroupAndEntries(bos)
            bos.flush()
--- a/app/src/main/java/com/kunzisoft/keepass/database/file/output/DatabaseOutputKDBX.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/file/output/DatabaseOutputKDBX.kt
@@ -38,7 +38,6 @@ import com.kunzisoft.keepass.database.element.entry.EntryKDBX
 import com.kunzisoft.keepass.database.element.group.GroupKDBX
 import com.kunzisoft.keepass.database.element.icon.IconImageCustom
 import com.kunzisoft.keepass.database.element.node.NodeKDBXInterface
-import com.kunzisoft.keepass.database.element.database.BinaryAttachment
 import com.kunzisoft.keepass.database.element.security.MemoryProtectionConfig
 import com.kunzisoft.keepass.database.element.security.ProtectedString
 import com.kunzisoft.keepass.database.exception.DatabaseOutputException
@@ -47,6 +46,7 @@ import com.kunzisoft.keepass.database.file.DatabaseHeaderKDBX
 import com.kunzisoft.keepass.database.file.DatabaseKDBXXML
 import com.kunzisoft.keepass.database.file.DateKDBXUtil
 import com.kunzisoft.keepass.stream.*
+import com.kunzisoft.keepass.utils.UnsignedInt
 import org.bouncycastle.crypto.StreamCipher
 import org.joda.time.DateTime
 import org.xmlpull.v1.XmlSerializer
@@ -58,6 +58,7 @@ import java.util.*
 import java.util.zip.GZIPOutputStream
 import javax.crypto.Cipher
 import javax.crypto.CipherOutputStream
+import kotlin.experimental.or


 class DatabaseOutputKDBX(private val mDatabaseKDBX: DatabaseKDBX,
@@ -81,20 +82,19 @@ class DatabaseOutputKDBX(private val mDatabaseKDBX: DatabaseKDBX,
                throw DatabaseOutputException("No such cipher", e)
            }

-            header = outputHeader(mOS)
+            header = outputHeader(mOutputStream)

            val osPlain: OutputStream
            osPlain = if (header!!.version.toKotlinLong() < DatabaseHeaderKDBX.FILE_VERSION_32_4.toKotlinLong()) {
-                val cos = attachStreamEncryptor(header!!, mOS)
+                val cos = attachStreamEncryptor(header!!, mOutputStream)
                cos.write(header!!.streamStartBytes)

                HashedBlockOutputStream(cos)
            } else {
-                mOS.write(hashOfHeader!!)
-                mOS.write(headerHmac!!)
+                mOutputStream.write(hashOfHeader!!)
+                mOutputStream.write(headerHmac!!)

-
-                attachStreamEncryptor(header!!, HmacBlockOutputStream(mOS, mDatabaseKDBX.hmacKey!!))
+                attachStreamEncryptor(header!!, HmacBlockOutputStream(mOutputStream, mDatabaseKDBX.hmacKey!!))
            }

            val osXml: OutputStream
@@ -105,8 +105,7 @@ class DatabaseOutputKDBX(private val mDatabaseKDBX: DatabaseKDBX,
                }

                if (header!!.version.toKotlinLong() >= DatabaseHeaderKDBX.FILE_VERSION_32_4.toKotlinLong()) {
-                    val ihOut = DatabaseInnerHeaderOutputKDBX(mDatabaseKDBX, header!!, osXml)
-                    ihOut.output()
+                    outputInnerHeader(mDatabaseKDBX, header!!, osXml)
                }

                outputDatabase(osXml)
@@ -122,6 +121,49 @@ class DatabaseOutputKDBX(private val mDatabaseKDBX: DatabaseKDBX,
        }
    }

+    @Throws(IOException::class)
+    private fun outputInnerHeader(database: DatabaseKDBX,
+                                  header: DatabaseHeaderKDBX,
+                                  outputStream: OutputStream) {
+        val dataOutputStream = LittleEndianDataOutputStream(outputStream)
+
+        dataOutputStream.writeByte(DatabaseHeaderKDBX.PwDbInnerHeaderV4Fields.InnerRandomStreamID)
+        dataOutputStream.writeInt(4)
+        if (header.innerRandomStream == null)
+            throw IOException("Can't write innerRandomStream")
+        dataOutputStream.writeUInt(header.innerRandomStream!!.id)
+
+        val streamKeySize = header.innerRandomStreamKey.size
+        dataOutputStream.writeByte(DatabaseHeaderKDBX.PwDbInnerHeaderV4Fields.InnerRandomstreamKey)
+        dataOutputStream.writeInt(streamKeySize)
+        dataOutputStream.write(header.innerRandomStreamKey)
+
+        database.binaryPool.doForEachOrderedBinary { _, keyBinary ->
+            val protectedBinary = keyBinary.binary
+            // Force decompression to add binary in header
+            protectedBinary.decompress()
+            // Write type binary
+            dataOutputStream.writeByte(DatabaseHeaderKDBX.PwDbInnerHeaderV4Fields.Binary)
+            // Write size
+            dataOutputStream.writeUInt(UnsignedInt.fromKotlinLong(protectedBinary.length() + 1))
+            // Write protected flag
+            var flag = DatabaseHeaderKDBX.KdbxBinaryFlags.None
+            if (protectedBinary.isProtected) {
+                flag = flag or DatabaseHeaderKDBX.KdbxBinaryFlags.Protected
+            }
+            dataOutputStream.writeByte(flag)
+
+            protectedBinary.getInputDataStream().use { inputStream ->
+                inputStream.readBytes(BUFFER_SIZE_BYTES) { buffer ->
+                    dataOutputStream.write(buffer)
+                }
+            }
+        }
+
+        dataOutputStream.writeByte(DatabaseHeaderKDBX.PwDbInnerHeaderV4Fields.EndOfHeader)
+        dataOutputStream.writeInt(0)
+    }
+
    @Throws(IllegalArgumentException::class, IllegalStateException::class, IOException::class)
    private fun outputDatabase(outputStream: OutputStream) {

@@ -282,9 +324,10 @@ class DatabaseOutputKDBX(private val mDatabaseKDBX: DatabaseKDBX,
        }
        random.nextBytes(header.innerRandomStreamKey)

-        randomStream = StreamCipherFactory.getInstance(header.innerRandomStream, header.innerRandomStreamKey)
-        if (randomStream == null) {
-            throw DatabaseOutputException("Invalid random cipher")
+        try {
+            randomStream = StreamCipherFactory.getInstance(header.innerRandomStream, header.innerRandomStreamKey)
+        } catch (e: Exception) {
+            throw DatabaseOutputException(e)
        }

        if (header.version.toKotlinLong() < DatabaseHeaderKDBX.FILE_VERSION_32_4.toKotlinLong()) {
@@ -420,41 +463,56 @@ class DatabaseOutputKDBX(private val mDatabaseKDBX: DatabaseKDBX,
        writeObject(name, String(Base64.encode(data, BASE_64_FLAG)))
    }

+    /*
+    // Normally used by a single entry but obsolete because binaries are in meta tag with kdbx3.1-
+    // or in file header with kdbx4
+    // binary.isProtected attribute is not used to create the XML
    @Throws(IllegalArgumentException::class, IllegalStateException::class, IOException::class)
-    private fun writeBinary(binary : BinaryAttachment) {
-        val binaryLength = binary.length()
-        if (binaryLength > 0) {
+    private fun writeEntryBinary(binary : BinaryAttachment) {
+        if (binary.length() > 0) {
            if (binary.isProtected) {
                xml.attribute(null, DatabaseKDBXXML.AttrProtected, DatabaseKDBXXML.ValTrue)
-
-                binary.getInputDataStream().readBytes(BUFFER_SIZE_BYTES) { buffer ->
-                    val encoded = ByteArray(buffer.size)
-                    randomStream!!.processBytes(buffer, 0, encoded.size, encoded, 0)
-                    val charArray = String(Base64.encode(encoded, BASE_64_FLAG)).toCharArray()
-                    xml.text(charArray, 0, charArray.size)
+                binary.getInputDataStream().use { inputStream ->
+                    inputStream.readBytes(BUFFER_SIZE_BYTES) { buffer ->
+                        val encoded = ByteArray(buffer.size)
+                        randomStream!!.processBytes(buffer, 0, encoded.size, encoded, 0)
+                        xml.text(String(Base64.encode(encoded, BASE_64_FLAG)))
+                    }
                }
            } else {
-                if (binary.isCompressed) {
-                    xml.attribute(null, DatabaseKDBXXML.AttrCompressed, DatabaseKDBXXML.ValTrue)
-                }
                // Write the XML
-                binary.getInputDataStream().readBytes(BUFFER_SIZE_BYTES) { buffer ->
-                    val charArray = String(Base64.encode(buffer, BASE_64_FLAG)).toCharArray()
-                    xml.text(charArray, 0, charArray.size)
+                binary.getInputDataStream().use { inputStream ->
+                    inputStream.readBytes(BUFFER_SIZE_BYTES) { buffer ->
+                        xml.text(String(Base64.encode(buffer, BASE_64_FLAG)))
+                    }
                }
            }
        }
    }
+    */

+    // Only uses with kdbx3.1 to write binaries in meta tag
+    // With kdbx4, don't use this method because binaries are in header file
    @Throws(IllegalArgumentException::class, IllegalStateException::class, IOException::class)
    private fun writeMetaBinaries() {
        xml.startTag(null, DatabaseKDBXXML.ElemBinaries)

-        // Use indexes because necessarily in DatabaseV4 (binary header ref is the order)
+        // Use indexes because necessarily (binary header ref is the order)
        mDatabaseKDBX.binaryPool.doForEachOrderedBinary { index, keyBinary ->
            xml.startTag(null, DatabaseKDBXXML.ElemBinary)
            xml.attribute(null, DatabaseKDBXXML.AttrId, index.toString())
-            writeBinary(keyBinary.binary)
+            val binary = keyBinary.binary
+            if (binary.length() > 0) {
+                if (binary.isCompressed) {
+                    xml.attribute(null, DatabaseKDBXXML.AttrCompressed, DatabaseKDBXXML.ValTrue)
+                }
+                // Write the XML
+                binary.getInputDataStream().use { inputStream ->
+                    inputStream.readBytes(BUFFER_SIZE_BYTES) { buffer ->
+                        xml.text(String(Base64.encode(buffer, BASE_64_FLAG)))
+                    }
+                }
+            }
            xml.endTag(null, DatabaseKDBXXML.ElemBinary)
        }

@@ -523,13 +581,11 @@ class DatabaseOutputKDBX(private val mDatabaseKDBX: DatabaseKDBX,

        if (protect) {
            xml.attribute(null, DatabaseKDBXXML.AttrProtected, DatabaseKDBXXML.ValTrue)
-
-            val data = value.toString().toByteArray(charset("UTF-8"))
-            val valLength = data.size
-
-            if (valLength > 0) {
-                val encoded = ByteArray(valLength)
-                randomStream!!.processBytes(data, 0, valLength, encoded, 0)
+            val data = value.toString().toByteArray()
+            val dataLength = data.size
+            if (data.isNotEmpty()) {
+                val encoded = ByteArray(dataLength)
+                randomStream!!.processBytes(data, 0, dataLength, encoded, 0)
                xml.text(String(Base64.encode(encoded, BASE_64_FLAG)))
            }
        } else {
--- a/app/src/main/java/com/kunzisoft/keepass/database/search/SearchHelper.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/search/SearchHelper.kt
@@ -34,7 +34,7 @@ import com.kunzisoft.keepass.timeout.TimeoutHelper
 class SearchHelper {

    companion object {
-        const val MAX_SEARCH_ENTRY = 6
+        const val MAX_SEARCH_ENTRY = 10

        /**
         * Utility method to perform actions if item is found or not after an auto search in [database]
--- a/app/src/main/java/com/kunzisoft/keepass/database/search/SearchParameters.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/search/SearchParameters.kt
@@ -33,6 +33,7 @@ class SearchParameters {
    var searchInUrls = true
    var searchInGroupNames = false
    var searchInNotes = true
+    var searchInOTP = false
    var searchInOther = true
    var searchInUUIDs = false
    var searchInTags = true
@@ -54,6 +55,7 @@ class SearchParameters {
        this.searchInUrls = source.searchInUrls
        this.searchInGroupNames = source.searchInGroupNames
        this.searchInNotes = source.searchInNotes
+        this.searchInOTP = source.searchInOTP
        this.searchInOther = source.searchInOther
        this.searchInUUIDs = source.searchInUUIDs
        this.searchInTags = source.searchInTags
@@ -69,6 +71,7 @@ class SearchParameters {
        searchInUrls = false
        searchInGroupNames = false
        searchInNotes = false
+        searchInOTP = false
        searchInOther = false
        searchInUUIDs = false
        searchInTags = false
--- a/app/src/main/java/com/kunzisoft/keepass/database/search/iterator/EntrySearchStringIteratorKDBX.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/search/iterator/EntrySearchStringIteratorKDBX.kt
@@ -22,6 +22,7 @@ package com.kunzisoft.keepass.database.search.iterator
 import com.kunzisoft.keepass.database.element.entry.EntryKDBX
 import com.kunzisoft.keepass.database.element.security.ProtectedString
 import com.kunzisoft.keepass.database.search.SearchParameters
+import com.kunzisoft.keepass.otp.OtpEntryFields
 import java.util.*
 import kotlin.collections.Map.Entry

@@ -75,6 +76,7 @@ class EntrySearchStringIteratorKDBX(
            EntryKDBX.STR_PASSWORD -> mSearchParameters.searchInPasswords
            EntryKDBX.STR_URL -> mSearchParameters.searchInUrls
            EntryKDBX.STR_NOTES -> mSearchParameters.searchInNotes
+            OtpEntryFields.OTP_FIELD -> mSearchParameters.searchInOTP
            else -> mSearchParameters.searchInOther
        }
    }
--- a/app/src/main/java/com/kunzisoft/keepass/education/PasswordActivityEducation.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/education/PasswordActivityEducation.kt
@@ -86,8 +86,8 @@ class PasswordActivityEducation(activity: Activity)
                                            onOuterViewClick: ((TapTargetView?) -> Unit)? = null): Boolean {
        return checkAndPerformedEducation(!isEducationBiometricPerformed(activity),
                TapTarget.forView(educationView,
-                        activity.getString(R.string.education_biometric_title),
-                        activity.getString(R.string.education_biometric_summary))
+                        activity.getString(R.string.education_advanced_unlock_title),
+                        activity.getString(R.string.education_advanced_unlock_summary))
                        .textColorInt(Color.WHITE)
                        .tintTarget(false)
                        .cancelable(true),
--- a/app/src/main/java/com/kunzisoft/keepass/icons/IconDrawableFactory.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/icons/IconDrawableFactory.kt
@@ -26,9 +26,12 @@ import android.graphics.*
 import android.graphics.drawable.BitmapDrawable
 import android.graphics.drawable.ColorDrawable
 import android.graphics.drawable.Drawable
+import android.graphics.drawable.Icon
+import android.os.Build
 import android.util.Log
 import android.widget.ImageView
 import android.widget.RemoteViews
+import androidx.annotation.RequiresApi
 import androidx.core.content.res.ResourcesCompat
 import androidx.core.graphics.drawable.toBitmap
 import androidx.core.widget.ImageViewCompat
@@ -87,6 +90,22 @@ class IconDrawableFactory {
        remoteViews.setImageViewBitmap(imageId, bitmap)
    }

+    /**
+     * Utility method to assign a drawable to a icon and tint it
+     */
+    @RequiresApi(Build.VERSION_CODES.M)
+    fun assignDrawableToIcon(superDrawable: SuperDrawable,
+                             tintColor: Int = Color.BLACK): Icon {
+        val bitmap = superDrawable.drawable.toBitmap()
+        // Tint bitmap if it's not a custom icon
+        if (superDrawable.tintable && bitmap.isMutable) {
+            Canvas(bitmap).drawBitmap(bitmap, 0.0F, 0.0F, Paint().apply {
+                colorFilter = PorterDuffColorFilter(tintColor, PorterDuff.Mode.SRC_IN)
+            })
+        }
+        return Icon.createWithBitmap(bitmap)
+    }
+
    /**
     * Get the [SuperDrawable] [icon] (from cache, or build it and add it to the cache if not exists yet), then [tint] it with [tintColor] if needed
     */
@@ -309,3 +328,22 @@ fun RemoteViews.assignDatabaseIcon(context: Context,
        Log.e(RemoteViews::class.java.name, "Unable to assign icon in remote view", e)
    }
 }
+
+@RequiresApi(Build.VERSION_CODES.M)
+fun createIconFromDatabaseIcon(context: Context,
+                               iconFactory: IconDrawableFactory,
+                               icon: IconImage,
+                               tintColor: Int = Color.BLACK): Icon? {
+    try {
+        return iconFactory.assignDrawableToIcon(
+                iconFactory.getIconSuperDrawable(context,
+                        icon,
+                        24,
+                        true,
+                        tintColor),
+                tintColor)
+    } catch (e: Exception) {
+        Log.e(RemoteViews::class.java.name, "Unable to assign icon in remote view", e)
+    }
+    return null
+}
--- a/app/src/main/java/com/kunzisoft/keepass/magikeyboard/MagikIME.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/magikeyboard/MagikIME.kt
@@ -42,6 +42,7 @@ import com.kunzisoft.keepass.database.element.Database
 import com.kunzisoft.keepass.model.EntryInfo
 import com.kunzisoft.keepass.model.Field
 import com.kunzisoft.keepass.notifications.KeyboardEntryNotificationService
+import com.kunzisoft.keepass.otp.OtpEntryFields.OTP_TOKEN_FIELD
 import com.kunzisoft.keepass.settings.PreferencesUtil
 import com.kunzisoft.keepass.utils.*

@@ -243,6 +244,14 @@ class MagikIME : InputMethodService(), KeyboardView.OnKeyboardActionListener {
                if (entryInfoKey != null) {
                    currentInputConnection.commitText(entryInfoKey!!.password, 1)
                }
+                val otpFieldExists = entryInfoKey?.containsCustomField(OTP_TOKEN_FIELD) ?: false
+                actionGoAutomatically(!otpFieldExists)
+            }
+            KEY_OTP -> {
+                if (entryInfoKey != null) {
+                    currentInputConnection.commitText(
+                            entryInfoKey!!.getGeneratedFieldValue(OTP_TOKEN_FIELD), 1)
+                }
                actionGoAutomatically()
            }
            KEY_URL -> {
@@ -254,7 +263,7 @@ class MagikIME : InputMethodService(), KeyboardView.OnKeyboardActionListener {
            KEY_FIELDS -> {
                if (entryInfoKey != null) {
                    fieldsAdapter?.apply {
-                        setFields(entryInfoKey!!.customFields)
+                        setFields(entryInfoKey!!.customFields.filter { it.name != OTP_TOKEN_FIELD})
                        notifyDataSetChanged()
                    }
                }
@@ -272,10 +281,11 @@ class MagikIME : InputMethodService(), KeyboardView.OnKeyboardActionListener {
            currentInputConnection.sendKeyEvent(KeyEvent(KeyEvent.ACTION_DOWN, KeyEvent.KEYCODE_TAB))
    }

-    private fun actionGoAutomatically() {
+    private fun actionGoAutomatically(switchToPreviousKeyboardIfAllowed: Boolean = true) {
        if (PreferencesUtil.isAutoGoActionEnable(this)) {
            currentInputConnection.performEditorAction(EditorInfo.IME_ACTION_GO)
-            if (PreferencesUtil.isKeyboardPreviousFillInEnable(this)) {
+            if (switchToPreviousKeyboardIfAllowed
+                    && PreferencesUtil.isKeyboardPreviousFillInEnable(this)) {
                switchToPreviousKeyboard()
            }
        }
@@ -326,6 +336,7 @@ class MagikIME : InputMethodService(), KeyboardView.OnKeyboardActionListener {
        private const val KEY_ENTRY = 620
        private const val KEY_USERNAME = 500
        private const val KEY_PASSWORD = 510
+        private const val KEY_OTP = 515
        private const val KEY_URL = 520
        private const val KEY_FIELDS = 530

--- a/app/src/main/java/com/kunzisoft/keepass/model/EntryInfo.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/model/EntryInfo.kt
@@ -28,6 +28,7 @@ import com.kunzisoft.keepass.database.element.icon.IconImage
 import com.kunzisoft.keepass.database.element.icon.IconImageStandard
 import com.kunzisoft.keepass.database.element.security.ProtectedString
 import com.kunzisoft.keepass.otp.OtpElement
+import com.kunzisoft.keepass.otp.OtpEntryFields
 import com.kunzisoft.keepass.otp.OtpEntryFields.OTP_TOKEN_FIELD
 import kotlin.collections.ArrayList

@@ -38,6 +39,8 @@ class EntryInfo : Parcelable {
    var icon: IconImage = IconImageStandard()
    var username: String = ""
    var password: String = ""
+    var creationTime: DateInstant = DateInstant()
+    var modificationTime: DateInstant = DateInstant()
    var expires: Boolean = false
    var expiryTime: DateInstant = DateInstant.IN_ONE_MONTH
    var url: String = ""
@@ -54,6 +57,8 @@ class EntryInfo : Parcelable {
        icon = parcel.readParcelable(IconImage::class.java.classLoader) ?: icon
        username = parcel.readString() ?: username
        password = parcel.readString() ?: password
+        creationTime = parcel.readParcelable(DateInstant::class.java.classLoader) ?: creationTime
+        modificationTime = parcel.readParcelable(DateInstant::class.java.classLoader) ?: modificationTime
        expires = parcel.readInt() != 0
        expiryTime = parcel.readParcelable(DateInstant::class.java.classLoader) ?: expiryTime
        url = parcel.readString() ?: url
@@ -73,6 +78,8 @@ class EntryInfo : Parcelable {
        parcel.writeParcelable(icon, flags)
        parcel.writeString(username)
        parcel.writeString(password)
+        parcel.writeParcelable(creationTime, flags)
+        parcel.writeParcelable(modificationTime, flags)
        parcel.writeInt(if (expires) 1 else 0)
        parcel.writeParcelable(expiryTime, flags)
        parcel.writeString(url)
@@ -90,13 +97,13 @@ class EntryInfo : Parcelable {
        return customFields.any { !it.protectedValue.isProtected }
    }

-    fun isAutoGeneratedField(field: Field): Boolean {
-        return field.name == OTP_TOKEN_FIELD
+    fun containsCustomField(label: String): Boolean {
+        return customFields.lastOrNull { it.name == label } != null
    }

    fun getGeneratedFieldValue(label: String): String {
-        otpModel?.let {
-            if (label == OTP_TOKEN_FIELD) {
+        if (label == OTP_TOKEN_FIELD) {
+            otpModel?.let {
                return OtpElement(it).token
            }
        }
@@ -104,37 +111,55 @@ class EntryInfo : Parcelable {
    }

    private fun addUniqueField(field: Field, number: Int = 0) {
-        var exists = false
-        var sameData = false
-        val suffix = if (number > 0) number.toString() else ""
+        var sameName = false
+        var sameValue = false
+        val suffix = if (number > 0) "_$number" else ""
        customFields.forEach { currentField ->
+            // Not write the same data again
+            if (currentField.protectedValue.stringValue == field.protectedValue.stringValue) {
+                sameValue = true
+                return
+            }
+            // Same name but new value, create a new suffix
            if (currentField.name == field.name + suffix) {
-                exists = true
-                // Not write the same value again
-                if (currentField.protectedValue.stringValue == field.protectedValue.stringValue) {
-                    sameData = true
-                } else {
-                    addUniqueField(field, number + 1)
-                }
+                sameName = true
+                addUniqueField(field, number + 1)
                return
            }
        }
-        if (!exists && !sameData)
+        if (!sameName && !sameValue)
            (customFields as ArrayList<Field>).add(Field(field.name + suffix, field.protectedValue))
    }

    fun saveSearchInfo(database: Database?, searchInfo: SearchInfo) {
-        searchInfo.webDomain?.let { webDomain ->
+        searchInfo.otpString?.let { otpString ->
+            // Replace the OTP field
+            OtpEntryFields.parseOTPUri(otpString)?.let { otpElement ->
+                if (title.isEmpty())
+                    title = otpElement.issuer
+                if (username.isEmpty())
+                    username = otpElement.name
+                // Add OTP field
+                val mutableCustomFields = customFields as ArrayList<Field>
+                val otpField = OtpEntryFields.buildOtpField(otpElement, null, null)
+                if (mutableCustomFields.contains(otpField)) {
+                    mutableCustomFields.remove(otpField)
+                }
+                mutableCustomFields.add(otpField)
+            }
+        } ?: searchInfo.webDomain?.let { webDomain ->
            // If unable to save web domain in custom field or URL not populated, save in URL
            val scheme = searchInfo.webScheme
            val webScheme = if (scheme.isNullOrEmpty()) "http" else scheme
            val webDomainToStore = "$webScheme://$webDomain"
            if (database?.allowEntryCustomFields() != true || url.isEmpty()) {
                url = webDomainToStore
-            } else {
+            }
+            else if (url != webDomainToStore){
                // Save web domain in custom field
                addUniqueField(Field(WEB_DOMAIN_FIELD_NAME,
-                        ProtectedString(false, webDomainToStore))
+                        ProtectedString(false, webDomainToStore)),
+                        1 // Start to one because URL is a standard field name
                )
            }
        } ?: run {
@@ -151,8 +176,8 @@ class EntryInfo : Parcelable {

    companion object {

-        const val WEB_DOMAIN_FIELD_NAME = "WebDomain"
-        const val APPLICATION_ID_FIELD_NAME = "ApplicationId"
+        const val WEB_DOMAIN_FIELD_NAME = "URL"
+        const val APPLICATION_ID_FIELD_NAME = "AndroidApp"

        @JvmField
        val CREATOR: Parcelable.Creator<EntryInfo> = object : Parcelable.Creator<EntryInfo> {
--- a/app/src/main/java/com/kunzisoft/keepass/model/SearchInfo.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/model/SearchInfo.kt
@@ -2,8 +2,10 @@ package com.kunzisoft.keepass.model

 import android.content.Context
 import android.content.res.Resources
+import android.net.Uri
 import android.os.Parcel
 import android.os.Parcelable
+import com.kunzisoft.keepass.otp.OtpEntryFields
 import com.kunzisoft.keepass.settings.PreferencesUtil
 import com.kunzisoft.keepass.utils.ObjectNameResource
 import kotlinx.coroutines.CoroutineScope
@@ -35,6 +37,7 @@ class SearchInfo : ObjectNameResource, Parcelable {
        get() {
            return if (webDomain == null) null else field
        }
+    var otpString: String? = null

    constructor()

@@ -42,6 +45,7 @@ class SearchInfo : ObjectNameResource, Parcelable {
        applicationId = toCopy?.applicationId
        webDomain = toCopy?.webDomain
        webScheme = toCopy?.webScheme
+        otpString = toCopy?.otpString
    }

    private constructor(parcel: Parcel) {
@@ -51,6 +55,8 @@ class SearchInfo : ObjectNameResource, Parcelable {
        webDomain = if (readDomain.isNullOrEmpty()) null else readDomain
        val readScheme = parcel.readString()
        webScheme = if (readScheme.isNullOrEmpty()) null else readScheme
+        val readOtp = parcel.readString()
+        otpString = if (readOtp.isNullOrEmpty()) null else readOtp
    }

    override fun describeContents(): Int {
@@ -61,14 +67,23 @@ class SearchInfo : ObjectNameResource, Parcelable {
        parcel.writeString(applicationId ?: "")
        parcel.writeString(webDomain ?: "")
        parcel.writeString(webScheme ?: "")
+        parcel.writeString(otpString ?: "")
    }

    override fun getName(resources: Resources): String {
+        otpString?.let { otpString ->
+            OtpEntryFields.parseOTPUri(otpString)?.let { otpElement ->
+                return "${otpElement.type} (${Uri.decode(otpElement.issuer)}:${Uri.decode(otpElement.name)})"
+            }
+        }
        return toString()
    }

    fun containsOnlyNullValues(): Boolean {
-        return applicationId == null && webDomain == null && webScheme == null
+        return applicationId == null
+                && webDomain == null
+                && webScheme == null
+                && otpString == null
    }

    override fun equals(other: Any?): Boolean {
@@ -80,6 +95,7 @@ class SearchInfo : ObjectNameResource, Parcelable {
        if (applicationId != other.applicationId) return false
        if (webDomain != other.webDomain) return false
        if (webScheme != other.webScheme) return false
+        if (otpString != other.otpString) return false

        return true
    }
@@ -88,11 +104,12 @@ class SearchInfo : ObjectNameResource, Parcelable {
        var result = applicationId?.hashCode() ?: 0
        result = 31 * result + (webDomain?.hashCode() ?: 0)
        result = 31 * result + (webScheme?.hashCode() ?: 0)
+        result = 31 * result + (otpString?.hashCode() ?: 0)
        return result
    }

    override fun toString(): String {
-        return webDomain ?: applicationId ?: ""
+        return otpString ?: webDomain ?: applicationId ?: ""
    }

    companion object {
--- a/app/src/main/java/com/kunzisoft/keepass/model/SnapFileDatabaseInfo.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/model/SnapFileDatabaseInfo.kt
@@ -0,0 +1,62 @@
+package com.kunzisoft.keepass.model
+
+import android.content.Context
+import android.net.Uri
+import android.os.Parcel
+import android.os.Parcelable
+import android.text.format.Formatter
+import com.kunzisoft.keepass.viewmodels.FileDatabaseInfo
+import java.text.DateFormat
+import java.util.*
+
+/**
+ * Utility data class to get FileDatabaseInfo at a `t` time
+ */
+data class SnapFileDatabaseInfo(var fileUri: Uri?,
+                                var exists: Boolean,
+                                var lastModification: Long?,
+                                var size: Long?): Parcelable {
+
+    constructor(parcel: Parcel) : this(
+            parcel.readParcelable(Uri::class.java.classLoader),
+            parcel.readByte() != 0.toByte(),
+            parcel.readValue(Long::class.java.classLoader) as? Long,
+            parcel.readValue(Long::class.java.classLoader) as? Long) {
+    }
+
+    fun toString(context: Context): String {
+        val lastModificationString = DateFormat.getDateTimeInstance()
+                .format(Date(lastModification ?: 0))
+        return "$lastModificationString, " +
+                Formatter.formatFileSize(context, size ?: 0)
+    }
+
+    override fun writeToParcel(parcel: Parcel, flags: Int) {
+        parcel.writeParcelable(fileUri, flags)
+        parcel.writeByte(if (exists) 1 else 0)
+        parcel.writeValue(lastModification)
+        parcel.writeValue(size)
+    }
+
+    override fun describeContents(): Int {
+        return 0
+    }
+
+    companion object CREATOR : Parcelable.Creator<SnapFileDatabaseInfo> {
+        override fun createFromParcel(parcel: Parcel): SnapFileDatabaseInfo {
+            return SnapFileDatabaseInfo(parcel)
+        }
+
+        override fun newArray(size: Int): Array<SnapFileDatabaseInfo?> {
+            return arrayOfNulls(size)
+        }
+
+        fun fromFileDatabaseInfo(fileDatabaseInfo: FileDatabaseInfo): SnapFileDatabaseInfo {
+            return SnapFileDatabaseInfo(
+                    fileDatabaseInfo.fileUri,
+                    fileDatabaseInfo.exists,
+                    fileDatabaseInfo.getLastModification(),
+                    fileDatabaseInfo.getSize())
+        }
+    }
+}
--- a/app/src/main/java/com/kunzisoft/keepass/notifications/AdvancedUnlockNotificationService.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/notifications/AdvancedUnlockNotificationService.kt
@@ -0,0 +1,143 @@
+package com.kunzisoft.keepass.notifications
+
+import android.app.PendingIntent
+import android.content.Context
+import android.content.Intent
+import android.net.Uri
+import android.os.Binder
+import android.os.IBinder
+import com.kunzisoft.keepass.R
+import com.kunzisoft.keepass.app.database.CipherDatabaseEntity
+import com.kunzisoft.keepass.settings.PreferencesUtil
+import com.kunzisoft.keepass.timeout.TimeoutHelper
+import kotlinx.coroutines.*
+
+class AdvancedUnlockNotificationService : NotificationService() {
+
+    private lateinit var mTempCipherDao: ArrayList<CipherDatabaseEntity>
+
+    private var mActionTaskBinder = AdvancedUnlockBinder()
+
+    private var notificationTimeoutMilliSecs: Long = 0
+    private var mTimerJob: Job? = null
+
+    inner class AdvancedUnlockBinder: Binder() {
+        fun getCipherDatabase(databaseUri: Uri): CipherDatabaseEntity? {
+            return mTempCipherDao.firstOrNull { it.databaseUri == databaseUri.toString()}
+        }
+        fun addOrUpdateCipherDatabase(cipherDatabaseEntity: CipherDatabaseEntity) {
+            val cipherDatabaseRetrieve = mTempCipherDao.firstOrNull { it.databaseUri == cipherDatabaseEntity.databaseUri }
+            cipherDatabaseRetrieve?.replaceContent(cipherDatabaseEntity)
+                    ?: mTempCipherDao.add(cipherDatabaseEntity)
+        }
+        fun deleteByDatabaseUri(databaseUri: Uri) {
+            mTempCipherDao.firstOrNull { it.databaseUri == databaseUri.toString() }?.let {
+                mTempCipherDao.remove(it)
+            }
+        }
+        fun deleteAll() {
+            mTempCipherDao.clear()
+        }
+    }
+
+    override val notificationId: Int = 593
+
+    override fun retrieveChannelId(): String {
+        return CHANNEL_ADVANCED_UNLOCK_ID
+    }
+
+    override fun retrieveChannelName(): String {
+        return getString(R.string.advanced_unlock)
+    }
+
+    override fun onBind(intent: Intent): IBinder? {
+        super.onBind(intent)
+        return mActionTaskBinder
+    }
+
+    override fun onStartCommand(intent: Intent?, flags: Int, startId: Int): Int {
+        super.onStartCommand(intent, flags, startId)
+
+        val deleteIntent = Intent(this, AdvancedUnlockNotificationService::class.java).apply {
+            action = ACTION_REMOVE_KEYS
+        }
+        val pendingDeleteIntent = PendingIntent.getService(this, 0, deleteIntent, PendingIntent.FLAG_UPDATE_CURRENT)
+        val biometricUnlockEnabled = PreferencesUtil.isBiometricUnlockEnable(this)
+        val notificationBuilder =  buildNewNotification().apply {
+            setSmallIcon(if (biometricUnlockEnabled) {
+                R.drawable.notification_ic_fingerprint_unlock_24dp
+            } else {
+                R.drawable.notification_ic_device_unlock_24dp
+            })
+            intent?.let {
+                setContentTitle(getString(R.string.advanced_unlock))
+            }
+            setContentText(getString(R.string.advanced_unlock_tap_delete))
+            setContentIntent(pendingDeleteIntent)
+            // Unfortunately swipe is disabled in lollipop+
+            setDeleteIntent(pendingDeleteIntent)
+        }
+
+        when (intent?.action) {
+            ACTION_TIMEOUT -> {
+                notificationTimeoutMilliSecs = PreferencesUtil.getAdvancedUnlockTimeout(this)
+                // Not necessarily a foreground service
+                if (mTimerJob == null && notificationTimeoutMilliSecs != TimeoutHelper.NEVER) {
+                    mTimerJob = CoroutineScope(Dispatchers.Main).launch {
+                        val maxPos = 100
+                        val posDurationMills = notificationTimeoutMilliSecs / maxPos
+                        for (pos in maxPos downTo 0) {
+                            notificationBuilder.setProgress(maxPos, pos, false)
+                            startForeground(notificationId, notificationBuilder.build())
+                            delay(posDurationMills)
+                            if (pos <= 0) {
+                                stopSelf()
+                            }
+                        }
+                        notificationManager?.cancel(notificationId)
+                        mTimerJob = null
+                        cancel()
+                    }
+                } else {
+                    startForeground(notificationId, notificationBuilder.build())
+                }
+            }
+            ACTION_REMOVE_KEYS -> {
+                stopSelf()
+            }
+            else -> {}
+        }
+
+        return START_STICKY
+    }
+
+    override fun onCreate() {
+        super.onCreate()
+        mTempCipherDao = ArrayList()
+    }
+
+    override fun onDestroy() {
+        mTempCipherDao.clear()
+        mTimerJob?.cancel()
+        super.onDestroy()
+    }
+
+    companion object {
+        private const val CHANNEL_ADVANCED_UNLOCK_ID = "com.kunzisoft.keepass.notification.channel.unlock"
+
+        private const val ACTION_TIMEOUT = "ACTION_TIMEOUT"
+        private const val ACTION_REMOVE_KEYS = "ACTION_REMOVE_KEYS"
+
+        fun startServiceForTimeout(context: Context) {
+            if (PreferencesUtil.isTempAdvancedUnlockEnable(context)) {
+                context.startService(Intent(context, AdvancedUnlockNotificationService::class.java).apply {
+                    action = ACTION_TIMEOUT
+                })
+            }
+        }
+
+        fun stopService(context: Context) {
+            context.stopService(Intent(context, AdvancedUnlockNotificationService::class.java))
+        }
+    }
+}
--- a/app/src/main/java/com/kunzisoft/keepass/notifications/AttachmentFileNotificationService.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/notifications/AttachmentFileNotificationService.kt
@@ -52,6 +52,14 @@ class AttachmentFileNotificationService: LockNotificationService() {

    private val mainScope = CoroutineScope(Dispatchers.Main)

+    override fun retrieveChannelId(): String {
+        return CHANNEL_ATTACHMENT_ID
+    }
+
+    override fun retrieveChannelName(): String {
+        return getString(R.string.entry_attachments)
+    }
+
    inner class ActionTaskBinder: Binder() {

        fun getService(): AttachmentFileNotificationService = this@AttachmentFileNotificationService
@@ -430,6 +438,8 @@ class AttachmentFileNotificationService: LockNotificationService() {
    companion object {
        private val TAG = AttachmentFileNotificationService::javaClass.name

+        private const val CHANNEL_ATTACHMENT_ID = "com.kunzisoft.keepass.notification.channel.attachment"
+
        const val ACTION_ATTACHMENT_FILE_START_UPLOAD = "ACTION_ATTACHMENT_FILE_START_UPLOAD"
        const val ACTION_ATTACHMENT_FILE_START_DOWNLOAD = "ACTION_ATTACHMENT_FILE_START_DOWNLOAD"
        const val ACTION_ATTACHMENT_REMOVE = "ACTION_ATTACHMENT_REMOVE"
--- a/app/src/main/java/com/kunzisoft/keepass/notifications/ClipboardEntryNotificationField.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/notifications/ClipboardEntryNotificationField.kt
@@ -23,6 +23,7 @@ import android.os.Parcel
 import android.os.Parcelable
 import android.util.Log
 import com.kunzisoft.keepass.model.EntryInfo
+import com.kunzisoft.keepass.otp.OtpEntryFields.OTP_TOKEN_FIELD
 import java.util.*

 /**
@@ -54,6 +55,7 @@ class ClipboardEntryNotificationField : Parcelable {
            NotificationFieldId.UNKNOWN -> ""
            NotificationFieldId.USERNAME -> entryInfo?.username ?: ""
            NotificationFieldId.PASSWORD -> entryInfo?.password ?: ""
+            NotificationFieldId.OTP -> entryInfo?.getGeneratedFieldValue(OTP_TOKEN_FIELD) ?: ""
            NotificationFieldId.FIELD_A,
            NotificationFieldId.FIELD_B,
            NotificationFieldId.FIELD_C -> entryInfo?.getGeneratedFieldValue(label) ?: ""
@@ -81,7 +83,7 @@ class ClipboardEntryNotificationField : Parcelable {
    }

    enum class NotificationFieldId {
-        UNKNOWN, USERNAME, PASSWORD, FIELD_A, FIELD_B, FIELD_C;
+        UNKNOWN, USERNAME, PASSWORD, OTP, FIELD_A, FIELD_B, FIELD_C;

        companion object {
            val anonymousFieldId: Array<NotificationFieldId>
--- a/app/src/main/java/com/kunzisoft/keepass/notifications/ClipboardEntryNotificationService.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/notifications/ClipboardEntryNotificationService.kt
@@ -25,6 +25,7 @@ import android.content.Intent
 import android.util.Log
 import com.kunzisoft.keepass.R
 import com.kunzisoft.keepass.model.EntryInfo
+import com.kunzisoft.keepass.otp.OtpEntryFields.OTP_TOKEN_FIELD
 import com.kunzisoft.keepass.settings.PreferencesUtil
 import com.kunzisoft.keepass.timeout.ClipboardHelper
 import com.kunzisoft.keepass.timeout.TimeoutHelper.NEVER
@@ -39,6 +40,14 @@ class ClipboardEntryNotificationService : LockNotificationService() {
    private var notificationTimeoutMilliSecs: Long = 0
    private var cleanCopyNotificationTimerTask: Thread? = null

+    override fun retrieveChannelId(): String {
+        return CHANNEL_CLIPBOARD_ID
+    }
+
+    override fun retrieveChannelName(): String {
+        return getString(R.string.clipboard)
+    }
+
    override fun onCreate() {
        super.onCreate()

@@ -230,6 +239,8 @@ class ClipboardEntryNotificationService : LockNotificationService() {

        private val TAG = ClipboardEntryNotificationService::class.java.name

+        private const val CHANNEL_CLIPBOARD_ID = "com.kunzisoft.keepass.notification.channel.clipboard"
+
        const val ACTION_NEW_NOTIFICATION = "ACTION_NEW_NOTIFICATION"
        const val EXTRA_ENTRY_INFO = "EXTRA_ENTRY_INFO"
        const val EXTRA_CLIPBOARD_FIELDS = "EXTRA_CLIPBOARD_FIELDS"
@@ -240,6 +251,7 @@ class ClipboardEntryNotificationService : LockNotificationService() {
            val containsUsernameToCopy = entry.username.isNotEmpty()
            val containsPasswordToCopy = entry.password.isNotEmpty()
                    && PreferencesUtil.allowCopyPasswordAndProtectedFields(context)
+            val containsOTPToCopy = entry.containsCustomField(OTP_TOKEN_FIELD)
            val containsExtraFieldToCopy = entry.customFields.isNotEmpty()
                    && (entry.containsCustomFieldsNotProtected()
                        ||
@@ -252,7 +264,10 @@ class ClipboardEntryNotificationService : LockNotificationService() {
            // If notifications enabled in settings
            // Don't if application timeout
            if (PreferencesUtil.isClipboardNotificationsEnable(context)) {
-                if (containsUsernameToCopy || containsPasswordToCopy || containsExtraFieldToCopy) {
+                if (containsUsernameToCopy
+                        || containsPasswordToCopy
+                        || containsOTPToCopy
+                        || containsExtraFieldToCopy) {

                    // username already copied, waiting for user's action before copy password.
                    intent.action = ACTION_NEW_NOTIFICATION
@@ -272,14 +287,22 @@ class ClipboardEntryNotificationService : LockNotificationService() {
                                        ClipboardEntryNotificationField.NotificationFieldId.PASSWORD,
                                        context.getString(R.string.entry_password)))
                    }
+                    // Add OTP
+                    if (containsOTPToCopy) {
+                        notificationFields.add(
+                                ClipboardEntryNotificationField(
+                                        ClipboardEntryNotificationField.NotificationFieldId.OTP,
+                                        OTP_TOKEN_FIELD))
+                    }
                    // Add extra fields
                    if (containsExtraFieldToCopy) {
                        try {
                            var anonymousFieldNumber = 0
                            entry.customFields.forEach { field ->
                                //If value is not protected or allowed
-                                if (!field.protectedValue.isProtected
-                                        || PreferencesUtil.allowCopyPasswordAndProtectedFields(context)) {
+                                if ((!field.protectedValue.isProtected
+                                        || PreferencesUtil.allowCopyPasswordAndProtectedFields(context))
+                                     && field.name != OTP_TOKEN_FIELD) {
                                    notificationFields.add(
                                            ClipboardEntryNotificationField(
                                                    ClipboardEntryNotificationField.NotificationFieldId.anonymousFieldId[anonymousFieldNumber],
--- a/app/src/main/java/com/kunzisoft/keepass/notifications/DatabaseTaskNotificationService.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/notifications/DatabaseTaskNotificationService.kt
@@ -22,12 +22,11 @@ package com.kunzisoft.keepass.notifications
 import android.app.PendingIntent
 import android.content.Intent
 import android.net.Uri
-import android.os.Binder
-import android.os.Build
-import android.os.Bundle
-import android.os.IBinder
+import android.os.*
+import android.util.Log
 import com.kunzisoft.keepass.R
 import com.kunzisoft.keepass.activities.GroupActivity
+import com.kunzisoft.keepass.activities.helpers.ReadOnlyHelper
 import com.kunzisoft.keepass.app.database.CipherDatabaseEntity
 import com.kunzisoft.keepass.database.action.*
 import com.kunzisoft.keepass.database.action.history.DeleteEntryHistoryDatabaseRunnable
@@ -40,6 +39,7 @@ import com.kunzisoft.keepass.database.element.database.CompressionAlgorithm
 import com.kunzisoft.keepass.database.element.node.Node
 import com.kunzisoft.keepass.database.element.node.NodeId
 import com.kunzisoft.keepass.database.element.node.Type
+import com.kunzisoft.keepass.model.SnapFileDatabaseInfo
 import com.kunzisoft.keepass.tasks.ActionRunnable
 import com.kunzisoft.keepass.tasks.ProgressTaskUpdater
 import com.kunzisoft.keepass.timeout.TimeoutHelper
@@ -47,6 +47,7 @@ import com.kunzisoft.keepass.utils.DATABASE_START_TASK_ACTION
 import com.kunzisoft.keepass.utils.DATABASE_STOP_TASK_ACTION
 import com.kunzisoft.keepass.utils.LOCK_ACTION
 import com.kunzisoft.keepass.utils.closeDatabase
+import com.kunzisoft.keepass.viewmodels.FileDatabaseInfo
 import kotlinx.coroutines.*
 import java.util.*
 import java.util.concurrent.atomic.AtomicBoolean
@@ -65,11 +66,22 @@ open class DatabaseTaskNotificationService : LockNotificationService(), Progress
    private var mAllowFinishAction = AtomicBoolean()
    private var mActionRunning = false

+    private var mSnapFileDatabaseInfo: SnapFileDatabaseInfo? = null
+    private var mDatabaseInfoListeners = LinkedList<DatabaseInfoListener>()
+
    private var mIconId: Int = R.drawable.notification_ic_database_load
    private var mTitleId: Int = R.string.database_opened
    private var mMessageId: Int? = null
    private var mWarningId: Int? = null

+    override fun retrieveChannelId(): String {
+        return CHANNEL_DATABASE_ID
+    }
+
+    override fun retrieveChannelName(): String {
+        return getString(R.string.database)
+    }
+
    inner class ActionTaskBinder: Binder() {

        fun getService(): DatabaseTaskNotificationService = this@DatabaseTaskNotificationService
@@ -85,6 +97,14 @@ open class DatabaseTaskNotificationService : LockNotificationService(), Progress
                mAllowFinishAction.set(false)
            }
        }
+
+        fun addDatabaseFileInfoListener(databaseInfoListener: DatabaseInfoListener) {
+            mDatabaseInfoListeners.add(databaseInfoListener)
+        }
+
+        fun removeDatabaseFileInfoListener(databaseInfoListener: DatabaseInfoListener) {
+            mDatabaseInfoListeners.remove(databaseInfoListener)
+        }
    }

    interface ActionTaskListener {
@@ -93,6 +113,11 @@ open class DatabaseTaskNotificationService : LockNotificationService(), Progress
        fun onStopAction(actionTask: String, result: ActionRunnable.Result)
    }

+    interface DatabaseInfoListener {
+        fun onDatabaseInfoChanged(previousDatabaseInfo: SnapFileDatabaseInfo,
+                                  newDatabaseInfo: SnapFileDatabaseInfo)
+    }
+
    /**
     * Force to call [ActionTaskListener.onStartAction] if the action is still running
     */
@@ -104,6 +129,31 @@ open class DatabaseTaskNotificationService : LockNotificationService(), Progress
        }
    }

+    fun checkDatabaseInfo() {
+        mDatabase.fileUri?.let {
+            val previousDatabaseInfo = mSnapFileDatabaseInfo
+            val lastFileDatabaseInfo = SnapFileDatabaseInfo.fromFileDatabaseInfo(
+                    FileDatabaseInfo(applicationContext, it))
+            if (previousDatabaseInfo != null) {
+                if (previousDatabaseInfo != lastFileDatabaseInfo) {
+                    Log.i(TAG, "Database file modified " +
+                            "$previousDatabaseInfo != $lastFileDatabaseInfo ")
+                    // Call listener to indicate a change in database info
+                    mDatabaseInfoListeners.forEach { listener ->
+                        listener.onDatabaseInfoChanged(previousDatabaseInfo, lastFileDatabaseInfo)
+                    }
+                }
+            }
+        }
+    }
+
+    fun saveDatabaseInfo() {
+        mDatabase.fileUri?.let {
+            mSnapFileDatabaseInfo = SnapFileDatabaseInfo.fromFileDatabaseInfo(
+                    FileDatabaseInfo(applicationContext, it))
+        }
+    }
+
    override fun onBind(intent: Intent): IBinder? {
        super.onBind(intent)
        return mActionTaskBinder
@@ -130,6 +180,7 @@ open class DatabaseTaskNotificationService : LockNotificationService(), Progress
        val actionRunnable: ActionRunnable? =  when (intentAction) {
            ACTION_DATABASE_CREATE_TASK -> buildDatabaseCreateActionTask(intent)
            ACTION_DATABASE_LOAD_TASK -> buildDatabaseLoadActionTask(intent)
+            ACTION_DATABASE_RELOAD_TASK -> buildDatabaseReloadActionTask()
            ACTION_DATABASE_ASSIGN_PASSWORD_TASK -> buildDatabaseAssignPasswordActionTask(intent)
            ACTION_DATABASE_CREATE_GROUP_TASK -> buildDatabaseCreateGroupActionTask(intent)
            ACTION_DATABASE_UPDATE_GROUP_TASK -> buildDatabaseUpdateGroupActionTask(intent)
@@ -185,6 +236,8 @@ open class DatabaseTaskNotificationService : LockNotificationService(), Progress
                                }
                            } finally {
                                removeIntentData(intent)
+                                // Save the database info after performing action
+                                saveDatabaseInfo()
                                TimeoutHelper.releaseTemporarilyDisableTimeout()
                                if (TimeoutHelper.checkTimeAndLockIfTimeout(this@DatabaseTaskNotificationService)) {
                                    if (!mDatabase.loaded) {
@@ -206,7 +259,9 @@ open class DatabaseTaskNotificationService : LockNotificationService(), Progress
        }

        return when (intentAction) {
-            ACTION_DATABASE_LOAD_TASK, null -> {
+            ACTION_DATABASE_LOAD_TASK,
+            ACTION_DATABASE_RELOAD_TASK,
+            null -> {
                START_STICKY
            }
            else -> {
@@ -240,7 +295,8 @@ open class DatabaseTaskNotificationService : LockNotificationService(), Progress
            else -> {
                when (intentAction) {
                    ACTION_DATABASE_CREATE_TASK -> R.string.creating_database
-                    ACTION_DATABASE_LOAD_TASK -> R.string.loading_database
+                    ACTION_DATABASE_LOAD_TASK,
+                    ACTION_DATABASE_RELOAD_TASK -> R.string.loading_database
                    ACTION_DATABASE_SAVE -> R.string.saving_database
                    else -> {
                        R.string.command_execution
@@ -250,13 +306,15 @@ open class DatabaseTaskNotificationService : LockNotificationService(), Progress
        }

        mMessageId = when (intentAction) {
-            ACTION_DATABASE_LOAD_TASK -> null
+            ACTION_DATABASE_LOAD_TASK,
+            ACTION_DATABASE_RELOAD_TASK -> null
            else -> null
        }

        mWarningId =
                if (!saveAction
-                        || intentAction == ACTION_DATABASE_LOAD_TASK)
+                        || intentAction == ACTION_DATABASE_LOAD_TASK
+                        || intentAction == ACTION_DATABASE_RELOAD_TASK)
                    null
                else
                    R.string.do_not_kill_app
@@ -274,14 +332,12 @@ open class DatabaseTaskNotificationService : LockNotificationService(), Progress
            // Database is normally open
            if (mDatabase.loaded) {
                // Build Intents for notification action
-                var pendingDatabaseFlag = 0
-                if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
-                    pendingDatabaseFlag = PendingIntent.FLAG_IMMUTABLE
-                }
                val pendingDatabaseIntent = PendingIntent.getActivity(this,
                        0,
-                        Intent(this, GroupActivity::class.java),
-                        pendingDatabaseFlag)
+                        Intent(this, GroupActivity::class.java).apply {
+                            ReadOnlyHelper.putReadOnlyInIntent(this, mDatabase.isReadOnly)
+                        },
+                        PendingIntent.FLAG_UPDATE_CURRENT)
                val deleteIntent = Intent(this, DatabaseTaskNotificationService::class.java).apply {
                    action = ACTION_DATABASE_CLOSE
                }
@@ -336,9 +392,9 @@ open class DatabaseTaskNotificationService : LockNotificationService(), Progress
     * Execute action with a coroutine
      */
    private suspend fun executeAction(progressTaskUpdater: ProgressTaskUpdater,
-                                     onPreExecute: () -> Unit,
-                                     onExecute: (ProgressTaskUpdater?) -> ActionRunnable?,
-                                     onPostExecute: (result: ActionRunnable.Result) -> Unit) {
+                                      onPreExecute: () -> Unit,
+                                      onExecute: (ProgressTaskUpdater?) -> ActionRunnable?,
+                                      onPostExecute: (result: ActionRunnable.Result) -> Unit) {
        mAllowFinishAction.set(false)

        TimeoutHelper.temporarilyDisableTimeout()
@@ -459,6 +515,17 @@ open class DatabaseTaskNotificationService : LockNotificationService(), Progress
        }
    }

+    private fun buildDatabaseReloadActionTask(): ActionRunnable {
+        return ReloadDatabaseRunnable(
+                    this,
+                    mDatabase,
+                    this
+            ) { result ->
+                // No need to add each info to reload database
+                result.data = Bundle()
+            }
+    }
+
    private fun buildDatabaseAssignPasswordActionTask(intent: Intent): ActionRunnable? {
        return if (intent.hasExtra(DATABASE_URI_KEY)
                && intent.hasExtra(MASTER_PASSWORD_CHECKED_KEY)
@@ -760,8 +827,11 @@ open class DatabaseTaskNotificationService : LockNotificationService(), Progress

        private val TAG = DatabaseTaskNotificationService::class.java.name

+        private const val CHANNEL_DATABASE_ID = "com.kunzisoft.keepass.notification.channel.database"
+
        const val ACTION_DATABASE_CREATE_TASK = "ACTION_DATABASE_CREATE_TASK"
        const val ACTION_DATABASE_LOAD_TASK = "ACTION_DATABASE_LOAD_TASK"
+        const val ACTION_DATABASE_RELOAD_TASK = "ACTION_DATABASE_RELOAD_TASK"
        const val ACTION_DATABASE_ASSIGN_PASSWORD_TASK = "ACTION_DATABASE_ASSIGN_PASSWORD_TASK"
        const val ACTION_DATABASE_CREATE_GROUP_TASK = "ACTION_DATABASE_CREATE_GROUP_TASK"
        const val ACTION_DATABASE_UPDATE_GROUP_TASK = "ACTION_DATABASE_UPDATE_GROUP_TASK"
--- a/app/src/main/java/com/kunzisoft/keepass/notifications/KeyboardEntryNotificationService.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/notifications/KeyboardEntryNotificationService.kt
@@ -40,6 +40,14 @@ class KeyboardEntryNotificationService : LockNotificationService() {

    private var pendingDeleteIntent: PendingIntent? = null

+    override fun retrieveChannelId(): String {
+        return CHANNEL_MAGIKEYBOARD_ID
+    }
+
+    override fun retrieveChannelName(): String {
+        return getString(R.string.magic_keyboard_title)
+    }
+
    private fun stopNotificationAndSendLockIfNeeded() {
        // Clear the entry if define in preferences
        if (PreferencesUtil.isClearKeyboardNotificationEnable(this)) {
@@ -145,8 +153,9 @@ class KeyboardEntryNotificationService : LockNotificationService() {

        private const val TAG = "KeyboardEntryNotifSrv"

-        const val ENTRY_INFO_KEY = "ENTRY_INFO_KEY"
+        private const val CHANNEL_MAGIKEYBOARD_ID = "com.kunzisoft.keepass.notification.channel.magikeyboard"

+        const val ENTRY_INFO_KEY = "ENTRY_INFO_KEY"
        const val ACTION_CLEAN_KEYBOARD_ENTRY = "ACTION_CLEAN_KEYBOARD_ENTRY"

        fun launchNotificationIfAllowed(context: Context, entry: EntryInfo, toast: Boolean) {
--- a/app/src/main/java/com/kunzisoft/keepass/notifications/LockNotificationService.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/notifications/LockNotificationService.kt
@@ -20,7 +20,6 @@
 package com.kunzisoft.keepass.notifications

 import android.content.Intent
-import com.kunzisoft.keepass.timeout.TimeoutHelper
 import com.kunzisoft.keepass.utils.LockReceiver
 import com.kunzisoft.keepass.utils.registerLockReceiver
 import com.kunzisoft.keepass.utils.unregisterLockReceiver
--- a/app/src/main/java/com/kunzisoft/keepass/notifications/NotificationService.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/notifications/NotificationService.kt
@@ -24,6 +24,14 @@ abstract class NotificationService : Service() {
        return null
    }

+    open fun retrieveChannelId(): String {
+        return CHANNEL_ID
+    }
+
+    open fun retrieveChannelName(): String {
+        return CHANNEL_NAME
+    }
+
    override fun onCreate() {
        super.onCreate()

@@ -31,9 +39,9 @@ abstract class NotificationService : Service() {

        // Create notification channel for Oreo+
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
-            if (notificationManager?.getNotificationChannel(CHANNEL_ID_KEEPASS) == null) {
-                val channel = NotificationChannel(CHANNEL_ID_KEEPASS,
-                        CHANNEL_NAME_KEEPASS,
+            if (notificationManager?.getNotificationChannel(retrieveChannelId()) == null) {
+                val channel = NotificationChannel(retrieveChannelId(),
+                        retrieveChannelName(),
                        NotificationManager.IMPORTANCE_DEFAULT).apply {
                    enableVibration(false)
                    setSound(null, null)
@@ -51,7 +59,7 @@ abstract class NotificationService : Service() {
    }

    protected fun buildNewNotification(): NotificationCompat.Builder {
-        return NotificationCompat.Builder(this, CHANNEL_ID_KEEPASS)
+        return NotificationCompat.Builder(this, retrieveChannelId())
                .setColor(colorNotificationAccent)
                .setPriority(NotificationCompat.PRIORITY_DEFAULT)
                .setVisibility(NotificationCompat.VISIBILITY_SECRET)
@@ -70,7 +78,7 @@ abstract class NotificationService : Service() {
    }

    companion object {
-        const val CHANNEL_ID_KEEPASS = "com.kunzisoft.keepass.notification.channel"
-        const val CHANNEL_NAME_KEEPASS = "KeePassDX notification"
+        private const val CHANNEL_ID = "com.kunzisoft.keepass.notification.channel"
+        private const val CHANNEL_NAME = "KeePassDX notification"
    }
 }
--- a/app/src/main/java/com/kunzisoft/keepass/otp/OtpElement.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/otp/OtpElement.kt
@@ -20,6 +20,7 @@
 package com.kunzisoft.keepass.otp

 import com.kunzisoft.keepass.model.OtpModel
+import com.kunzisoft.keepass.utils.StringUtil.removeSpaceChars
 import org.apache.commons.codec.binary.Base32
 import org.apache.commons.codec.binary.Base64
 import org.apache.commons.codec.binary.Hex
@@ -150,16 +151,16 @@ data class OtpElement(var otpModel: OtpModel = OtpModel()) {

    @Throws(IllegalArgumentException::class)
    fun setBase32Secret(secret: String) {
-        if (isValidBase32(secret))
-            otpModel.secret = Base32().decode(replaceBase32Chars(secret).toByteArray())
-        else
+        if (isValidBase32(secret)) {
+            otpModel.secret = Base32().decode(replaceBase32Chars(secret))
+        } else
            throw IllegalArgumentException()
    }

    @Throws(IllegalArgumentException::class)
    fun setBase64Secret(secret: String) {
        if (isValidBase64(secret))
-            otpModel.secret = Base64().decode(secret.toByteArray())
+            otpModel.secret = Base64().decode(secret)
        else
            throw IllegalArgumentException()
    }
@@ -208,34 +209,24 @@ data class OtpElement(var otpModel: OtpModel = OtpModel()) {

        fun isValidBase32(secret: String): Boolean {
            val secretChars = replaceBase32Chars(secret)
-            return secretChars.isNotEmpty() && checkBase32Secret(secretChars)
+            return secret.isNotEmpty()
+                    && (Pattern.matches("^(?:[A-Z2-7]{8})*(?:[A-Z2-7]{2}={6}|[A-Z2-7]{4}={4}|[A-Z2-7]{5}={3}|[A-Z2-7]{7}=)?$", secretChars))
        }

        fun isValidBase64(secret: String): Boolean {
            // TODO replace base 64 chars
-            return secret.isNotEmpty() && checkBase64Secret(secret)
-        }
-
-        fun replaceSpaceChars(parameter: String): String {
-            return parameter.replace("[\\r|\\n|\\t|\\s|\\u00A0]+".toRegex(), "")
+            return secret.isNotEmpty()
+                    && (Pattern.matches("^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$", secret))
        }

        fun replaceBase32Chars(parameter: String): String {
-            // Add 'A' at end if not Base32 length
-            var parameterNewSize = replaceSpaceChars(parameter.toUpperCase(Locale.ENGLISH))
+            // Add padding '=' at end if not Base32 length
+            var parameterNewSize = parameter.toUpperCase(Locale.ENGLISH).removeSpaceChars()
            while (parameterNewSize.length % 8 != 0) {
-                parameterNewSize += 'A'
+                parameterNewSize += '='
            }
            return parameterNewSize
        }
-
-        fun checkBase32Secret(secret: String): Boolean {
-            return (Pattern.matches("^(?:[A-Z2-7]{8})*(?:[A-Z2-7]{2}={6}|[A-Z2-7]{4}={4}|[A-Z2-7]{5}={3}|[A-Z2-7]{7}=)?$", secret))
-        }
-
-        fun checkBase64Secret(secret: String): Boolean {
-            return (Pattern.matches("^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$", secret))
-        }
    }
 }

--- a/app/src/main/java/com/kunzisoft/keepass/otp/OtpEntryFields.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/otp/OtpEntryFields.kt
@@ -24,9 +24,9 @@ import android.net.Uri
 import android.util.Log
 import com.kunzisoft.keepass.database.element.security.ProtectedString
 import com.kunzisoft.keepass.model.Field
-import com.kunzisoft.keepass.otp.OtpElement.Companion.replaceSpaceChars
 import com.kunzisoft.keepass.otp.TokenCalculator.*
-import java.net.URLEncoder
+import com.kunzisoft.keepass.utils.StringUtil.removeLineChars
+import com.kunzisoft.keepass.utils.StringUtil.removeSpaceChars
 import java.util.*
 import java.util.regex.Pattern

@@ -35,7 +35,7 @@ object OtpEntryFields {
    private val TAG = OtpEntryFields::class.java.name

    // Field from KeePassXC
-    private const val OTP_FIELD = "otp"
+    const val OTP_FIELD = "otp"

    // URL parameters (https://github.com/google/google-authenticator/wiki/Key-Uri-Format)
    private const val OTP_SCHEME = "otpauth"
@@ -49,18 +49,33 @@ object OtpEntryFields {
    private const val ENCODER_URL_PARAM = "encoder"
    private const val COUNTER_URL_PARAM = "counter"

+    // OTPauth URI
+    private const val REGEX_OTP_AUTH = "^(?:otpauth://([ht]otp)/)(?:(?:([^:?#]*): *)?([^:?#]*))(?:\\?([^#]+))$"
+
    // Key-values (maybe from plugin or old KeePassXC)
    private const val SEED_KEY = "key"
    private const val DIGITS_KEY = "size"
    private const val STEP_KEY = "step"

-    // HmacOtp KeePass2 values (https://keepass.info/help/base/placeholders.html#hmacotp)
+    // HmacOtp KeePass2 values (https://keepass.info/help/base/placeholders.html#otp)
    private const val HMACOTP_SECRET_FIELD = "HmacOtp-Secret"
    private const val HMACOTP_SECRET_HEX_FIELD = "HmacOtp-Secret-Hex"
    private const val HMACOTP_SECRET_BASE32_FIELD = "HmacOtp-Secret-Base32"
    private const val HMACOTP_SECRET_BASE64_FIELD = "HmacOtp-Secret-Base64"
    private const val HMACOTP_SECRET_COUNTER_FIELD = "HmacOtp-Counter"

+    // TimeOtp KeePass2 values
+    private const val TIMEOTP_SECRET_FIELD = "TimeOtp-Secret"
+    private const val TIMEOTP_SECRET_HEX_FIELD = "TimeOtp-Secret-Hex"
+    private const val TIMEOTP_SECRET_BASE32_FIELD = "TimeOtp-Secret-Base32"
+    private const val TIMEOTP_SECRET_BASE64_FIELD = "TimeOtp-Secret-Base64"
+    private const val TIMEOTP_LENGTH_FIELD = "TimeOtp-Length"
+    private const val TIMEOTP_PERIOD_FIELD = "TimeOtp-Period"
+    private const val TIMEOTP_ALGORITHM_FIELD = "TimeOtp-Algorithm"
+    private const val TIMEOTP_ALGORITHM_SHA1_VALUE = "HMAC-SHA-1"
+    private const val TIMEOTP_ALGORITHM_SHA256_VALUE = "HMAC-SHA-256"
+    private const val TIMEOTP_ALGORITHM_SHA512_VALUE = "HMAC-SHA-512"
+
    // Custom fields (maybe from plugin)
    private const val TOTP_SEED_FIELD = "TOTP Seed"
    private const val TOTP_SETTING_FIELD = "TOTP Settings"
@@ -82,16 +97,37 @@ object OtpEntryFields {
        // OTP (HOTP/TOTP) from URL and field from KeePassXC
        if (parseOTPUri(getField, otpElement))
            return otpElement
+        // TOTP from KeePass 2.47
+        if (parseTOTPFromOfficialField(getField, otpElement))
+            return otpElement
        // TOTP from key values (maybe plugin or old KeePassXC)
        if (parseTOTPKeyValues(getField, otpElement))
            return otpElement
        // TOTP from custom field
-        if (parseTOTPFromField(getField, otpElement))
+        if (parseTOTPFromPluginField(getField, otpElement))
            return otpElement
        // HOTP fields from KeePass 2
-        if (parseHOTPFromField(getField, otpElement))
+        if (parseHOTPFromOfficialField(getField, otpElement))
            return otpElement
+        return null
+    }

+    /**
+     * Tell if [otpUri] is a valid Otp URI
+     */
+    fun isOTPUri(otpUri: String): Boolean {
+        if (Pattern.matches(REGEX_OTP_AUTH, otpUri))
+            return true
+        return false
+    }
+
+    /**
+     * Get OtpElement from [otpUri]
+     */
+    fun parseOTPUri(otpUri: String): OtpElement? {
+        val otpElement = OtpElement()
+        if (parseOTPUri({ key -> if (key == OTP_FIELD) otpUri else null }, otpElement))
+            return otpElement
        return null
    }

@@ -104,8 +140,8 @@ object OtpEntryFields {
     */
    private fun parseOTPUri(getField: (id: String) -> String?, otpElement: OtpElement): Boolean {
        val otpPlainText = getField(OTP_FIELD)
-        if (otpPlainText != null && otpPlainText.isNotEmpty()) {
-            val uri = Uri.parse(replaceSpaceChars(otpPlainText))
+        if (otpPlainText != null && otpPlainText.isNotEmpty() && isOTPUri(otpPlainText)) {
+            val uri = Uri.parse(otpPlainText.removeSpaceChars())

            if (uri.scheme == null || OTP_SCHEME != uri.scheme!!.toLowerCase(Locale.ENGLISH)) {
                Log.e(TAG, "Invalid or missing scheme in uri")
@@ -135,12 +171,19 @@ object OtpEntryFields {
            }

            val nameParam = validateAndGetNameInPath(uri.path)
-            if (nameParam != null && nameParam.isNotEmpty())
-                otpElement.name = nameParam
+            if (nameParam != null && nameParam.isNotEmpty()) {
+                val userIdArray = nameParam.split(":", "%3A")
+                if (userIdArray.size > 1) {
+                    otpElement.issuer = userIdArray[0].removeLineChars()
+                    otpElement.name = userIdArray[1].removeLineChars()
+                } else {
+                    otpElement.name = nameParam.removeLineChars()
+                }
+            }

            val issuerParam = uri.getQueryParameter(ISSUER_URL_PARAM)
            if (issuerParam != null && issuerParam.isNotEmpty())
-                otpElement.issuer = issuerParam
+                otpElement.issuer = issuerParam.removeLineChars()

            val secretParam = uri.getQueryParameter(SECRET_URL_PARAM)
            if (secretParam != null && secretParam.isNotEmpty()) {
@@ -211,16 +254,17 @@ object OtpEntryFields {
        }
        val issuer =
                if (title != null && title.isNotEmpty())
-                    replaceCharsForUrl(title)
+                    encodeParameter(title)
                else
-                    replaceCharsForUrl(otpElement.issuer)
+                    encodeParameter(otpElement.issuer)
        val accountName =
                if (username != null && username.isNotEmpty())
-                    replaceCharsForUrl(username)
+                    encodeParameter(username)
                else
-                    replaceCharsForUrl(otpElement.name)
-        val uriString = StringBuilder("otpauth://$otpAuthority/$issuer:$accountName" +
-                "?$SECRET_URL_PARAM=${otpElement.getBase32Secret()}" +
+                    encodeParameter(otpElement.name)
+        val secret = encodeParameter(otpElement.getBase32Secret())
+        val uriString = StringBuilder("otpauth://$otpAuthority/$issuer%3A$accountName" +
+                "?$SECRET_URL_PARAM=${secret}" +
                "&$counterOrPeriodLabel=$counterOrPeriodValue" +
                "&$DIGITS_URL_PARAM=${otpElement.digits}" +
                "&$ISSUER_URL_PARAM=$issuer")
@@ -233,8 +277,41 @@ object OtpEntryFields {
        return Uri.parse(uriString.toString())
    }

-    private fun replaceCharsForUrl(parameter: String): String {
-        return URLEncoder.encode(replaceSpaceChars(parameter), "UTF-8")
+    private fun encodeParameter(parameter: String): String {
+        return Uri.encode(parameter.removeLineChars())
+    }
+
+    private fun parseTOTPFromOfficialField(getField: (id: String) -> String?, otpElement: OtpElement): Boolean {
+        val secretField = getField(TIMEOTP_SECRET_FIELD)
+        val secretHexField = getField(TIMEOTP_SECRET_HEX_FIELD)
+        val secretBase32Field = getField(TIMEOTP_SECRET_BASE32_FIELD)
+        val secretBase64Field = getField(TIMEOTP_SECRET_BASE64_FIELD)
+        val lengthField = getField(TIMEOTP_LENGTH_FIELD)
+        val periodField = getField(TIMEOTP_PERIOD_FIELD)
+        val algorithmField = getField(TIMEOTP_ALGORITHM_FIELD)
+        try {
+            when {
+                secretField != null -> otpElement.setUTF8Secret(secretField)
+                secretHexField != null -> otpElement.setHexSecret(secretHexField)
+                secretBase32Field != null -> otpElement.setBase32Secret(secretBase32Field)
+                secretBase64Field != null -> otpElement.setBase64Secret(secretBase64Field)
+                lengthField != null -> otpElement.digits = lengthField.toIntOrNull() ?: OTP_DEFAULT_DIGITS
+                periodField != null -> otpElement.period = periodField.toIntOrNull() ?: TOTP_DEFAULT_PERIOD
+                algorithmField != null -> otpElement.algorithm =
+                    when (algorithmField.toUpperCase(Locale.ENGLISH)) {
+                        TIMEOTP_ALGORITHM_SHA1_VALUE -> HashAlgorithm.SHA1
+                        TIMEOTP_ALGORITHM_SHA256_VALUE -> HashAlgorithm.SHA256
+                        TIMEOTP_ALGORITHM_SHA512_VALUE -> HashAlgorithm.SHA512
+                        else -> HashAlgorithm.SHA1
+                    }
+                else -> return false
+            }
+        } catch (exception: Exception) {
+            return false
+        }
+
+        otpElement.type = OtpType.TOTP
+        return true
    }

    private fun parseTOTPKeyValues(getField: (id: String) -> String?, otpElement: OtpElement): Boolean {
@@ -262,7 +339,7 @@ object OtpEntryFields {
        return false
    }

-    private fun parseTOTPFromField(getField: (id: String) -> String?, otpElement: OtpElement): Boolean {
+    private fun parseTOTPFromPluginField(getField: (id: String) -> String?, otpElement: OtpElement): Boolean {
        val seedField = getField(TOTP_SEED_FIELD) ?: return false
        try {
            otpElement.setBase32Secret(seedField)
@@ -288,7 +365,7 @@ object OtpEntryFields {
        return true
    }

-    private fun parseHOTPFromField(getField: (id: String) -> String?, otpElement: OtpElement): Boolean {
+    private fun parseHOTPFromOfficialField(getField: (id: String) -> String?, otpElement: OtpElement): Boolean {
        val secretField = getField(HMACOTP_SECRET_FIELD)
        val secretHexField = getField(HMACOTP_SECRET_HEX_FIELD)
        val secretBase32Field = getField(HMACOTP_SECRET_BASE32_FIELD)
@@ -321,7 +398,7 @@ object OtpEntryFields {
        // path is "/name", so remove leading "/", and trailing white spaces
        val name = path.substring(1).trim { it <= ' ' }
        return if (name.isEmpty()) {
-            null // only white spaces.
+            null
        } else name
    }

@@ -338,7 +415,7 @@ object OtpEntryFields {
    /**
     * Build Otp field from an OtpElement
     */
-    fun buildOtpField(otpElement: OtpElement, title: String?, username: String?): Field {
+    fun buildOtpField(otpElement: OtpElement, title: String? = null, username: String? = null): Field {
        return Field(OTP_FIELD, ProtectedString(true,
                buildOtpUri(otpElement, title, username).toString()))
    }
@@ -354,25 +431,43 @@ object OtpEntryFields {
        val totpSeedField = Field(TOTP_SEED_FIELD)
        val totpSettingField = Field(TOTP_SETTING_FIELD)
        val hmacOtpSecretField = Field(HMACOTP_SECRET_FIELD)
-        val hmacOtpSecretHewField = Field(HMACOTP_SECRET_HEX_FIELD)
+        val hmacOtpSecretHexField = Field(HMACOTP_SECRET_HEX_FIELD)
        val hmacOtpSecretBase32Field = Field(HMACOTP_SECRET_BASE32_FIELD)
        val hmacOtpSecretBase64Field = Field(HMACOTP_SECRET_BASE64_FIELD)
        val hmacOtpSecretCounterField = Field(HMACOTP_SECRET_COUNTER_FIELD)
+        val timeOtpSecretField = Field(TIMEOTP_SECRET_FIELD)
+        val timeOtpSecretHexField = Field(TIMEOTP_SECRET_HEX_FIELD)
+        val timeOtpSecretBase32Field = Field(TIMEOTP_SECRET_BASE32_FIELD)
+        val timeOtpSecretBase64Field = Field(TIMEOTP_SECRET_BASE64_FIELD)
+        val timeOtpLengthField = Field(TIMEOTP_LENGTH_FIELD)
+        val timeOtpPeriodField = Field(TIMEOTP_PERIOD_FIELD)
+        val timeOtpAlgorithmField = Field(TIMEOTP_ALGORITHM_FIELD)
        newCustomFields.remove(otpField)
        newCustomFields.remove(totpSeedField)
        newCustomFields.remove(totpSettingField)
        newCustomFields.remove(hmacOtpSecretField)
-        newCustomFields.remove(hmacOtpSecretHewField)
+        newCustomFields.remove(hmacOtpSecretHexField)
        newCustomFields.remove(hmacOtpSecretBase32Field)
        newCustomFields.remove(hmacOtpSecretBase64Field)
        newCustomFields.remove(hmacOtpSecretCounterField)
+        newCustomFields.remove(timeOtpSecretField)
+        newCustomFields.remove(timeOtpSecretHexField)
+        newCustomFields.remove(timeOtpSecretBase32Field)
+        newCustomFields.remove(timeOtpSecretBase64Field)
+        newCustomFields.remove(timeOtpLengthField)
+        newCustomFields.remove(timeOtpPeriodField)
+        newCustomFields.remove(timeOtpAlgorithmField)
        // Empty auto generated OTP Token field
        if (fieldsToParse.contains(otpField)
                || fieldsToParse.contains(totpSeedField)
                || fieldsToParse.contains(hmacOtpSecretField)
-                || fieldsToParse.contains(hmacOtpSecretHewField)
+                || fieldsToParse.contains(hmacOtpSecretHexField)
                || fieldsToParse.contains(hmacOtpSecretBase32Field)
                || fieldsToParse.contains(hmacOtpSecretBase64Field)
+                || fieldsToParse.contains(timeOtpSecretField)
+                || fieldsToParse.contains(timeOtpSecretHexField)
+                || fieldsToParse.contains(timeOtpSecretBase32Field)
+                || fieldsToParse.contains(timeOtpSecretBase64Field)
        )
            newCustomFields.add(Field(OTP_TOKEN_FIELD))
        return newCustomFields
--- a/app/src/main/java/com/kunzisoft/keepass/settings/AutofillSettingsFragment.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/settings/AutofillSettingsFragment.kt
@@ -19,10 +19,12 @@
 */
 package com.kunzisoft.keepass.settings

+import android.os.Build
 import android.os.Bundle
 import androidx.fragment.app.DialogFragment
 import androidx.preference.Preference
 import androidx.preference.PreferenceFragmentCompat
+import androidx.preference.SwitchPreference
 import com.kunzisoft.keepass.R
 import com.kunzisoft.keepass.settings.preferencedialogfragment.AutofillBlocklistAppIdPreferenceDialogFragmentCompat
 import com.kunzisoft.keepass.settings.preferencedialogfragment.AutofillBlocklistWebDomainPreferenceDialogFragmentCompat
@@ -32,6 +34,11 @@ class AutofillSettingsFragment : PreferenceFragmentCompat() {
    override fun onCreatePreferences(savedInstanceState: Bundle?, rootKey: String?) {
        // Load the preferences from an XML resource
        setPreferencesFromResource(R.xml.preferences_autofill, rootKey)
+
+        val autofillInlineSuggestionsPreference: SwitchPreference? = findPreference(getString(R.string.autofill_inline_suggestions_key))
+        if (Build.VERSION.SDK_INT < Build.VERSION_CODES.R) {
+            autofillInlineSuggestionsPreference?.isVisible = false
+        }
    }

    override fun onDisplayPreferenceDialog(preference: Preference?) {
--- a/app/src/main/java/com/kunzisoft/keepass/settings/MainPreferenceFragment.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/settings/MainPreferenceFragment.kt
@@ -103,6 +103,6 @@ class MainPreferenceFragment : PreferenceFragmentCompat() {
    }

    interface Callback {
-        fun onNestedPreferenceSelected(key: NestedSettingsFragment.Screen)
+        fun onNestedPreferenceSelected(key: NestedSettingsFragment.Screen, reload: Boolean = false)
    }
 }
--- a/app/src/main/java/com/kunzisoft/keepass/settings/NestedAppSettingsFragment.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/settings/NestedAppSettingsFragment.kt
@@ -30,7 +30,7 @@ import android.view.autofill.AutofillManager
 import android.widget.Toast
 import androidx.annotation.RequiresApi
 import androidx.appcompat.app.AlertDialog
-import androidx.biometric.BiometricManager
+import androidx.fragment.app.FragmentActivity
 import androidx.preference.ListPreference
 import androidx.preference.Preference
 import androidx.preference.SwitchPreference
@@ -41,15 +41,18 @@ import com.kunzisoft.keepass.activities.dialogs.UnavailableFeatureDialogFragment
 import com.kunzisoft.keepass.activities.stylish.Stylish
 import com.kunzisoft.keepass.app.database.CipherDatabaseAction
 import com.kunzisoft.keepass.app.database.FileDatabaseHistoryAction
-import com.kunzisoft.keepass.biometric.BiometricUnlockDatabaseHelper
+import com.kunzisoft.keepass.biometric.AdvancedUnlockManager
 import com.kunzisoft.keepass.education.Education
 import com.kunzisoft.keepass.icons.IconPackChooser
+import com.kunzisoft.keepass.notifications.AdvancedUnlockNotificationService
 import com.kunzisoft.keepass.settings.preference.IconPackListPreference
 import com.kunzisoft.keepass.utils.UriUtil


 class NestedAppSettingsFragment : NestedSettingsFragment() {

+    private var deleteKeysAlertDialog: AlertDialog? = null
+
    override fun onCreateScreenPreference(screen: Screen, savedInstanceState: Bundle?, rootKey: String?) {

        // Load the preferences from an XML resource
@@ -208,15 +211,18 @@ class NestedAppSettingsFragment : NestedSettingsFragment() {
        setPreferencesFromResource(R.xml.preferences_advanced_unlock, rootKey)

        activity?.let { activity ->
+
            val biometricUnlockEnablePreference: SwitchPreference? = findPreference(getString(R.string.biometric_unlock_enable_key))
-            val deleteKeysFingerprints: Preference? = findPreference(getString(R.string.biometric_delete_all_key_key))
-            // < M solve verifyError exception
+            val deviceCredentialUnlockEnablePreference: SwitchPreference? = findPreference(getString(R.string.device_credential_unlock_enable_key))
+            val autoOpenPromptPreference: SwitchPreference? = findPreference(getString(R.string.biometric_auto_open_prompt_key))
+            val tempAdvancedUnlockPreference: SwitchPreference? = findPreference(getString(R.string.temp_advanced_unlock_enable_key))
+
            val biometricUnlockSupported = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
-                BiometricUnlockDatabaseHelper.unlockSupported(activity)
+                AdvancedUnlockManager.biometricUnlockSupported(activity)
            } else false
-            if (!biometricUnlockSupported) {
+            biometricUnlockEnablePreference?.apply {
                // False if under Marshmallow
-                biometricUnlockEnablePreference?.apply {
+                if (!biometricUnlockSupported) {
                    isChecked = false
                    setOnPreferenceClickListener { preference ->
                        (preference as SwitchPreference).isChecked = false
@@ -224,42 +230,98 @@ class NestedAppSettingsFragment : NestedSettingsFragment() {
                                .show(parentFragmentManager, "unavailableFeatureDialog")
                        false
                    }
-                }
-                deleteKeysFingerprints?.isEnabled = false
-            } else {
-                deleteKeysFingerprints?.setOnPreferenceClickListener {
-                    context?.let { context ->
-                        AlertDialog.Builder(context)
-                                .setMessage(resources.getString(R.string.biometric_delete_all_key_warning))
-                                .setIcon(android.R.drawable.ic_dialog_alert)
-                                .setPositiveButton(resources.getString(android.R.string.ok)
-                                ) { _, _ ->
-                                    if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
-                                        BiometricUnlockDatabaseHelper.deleteEntryKeyInKeystoreForBiometric(
-                                                activity,
-                                                object : BiometricUnlockDatabaseHelper.BiometricUnlockErrorCallback {
-                                                    fun showException(e: Exception) {
-                                                        Toast.makeText(context,
-                                                                getString(R.string.biometric_scanning_error, e.localizedMessage),
-                                                                Toast.LENGTH_SHORT).show()
-                                                    }
-
-                                                    override fun onInvalidKeyException(e: Exception) {
-                                                        showException(e)
-                                                    }
-
-                                                    override fun onBiometricException(e: Exception) {
-                                                        showException(e)
-                                                    }
-                                                })
-                                    }
-                                    CipherDatabaseAction.getInstance(context.applicationContext).deleteAll()
+                } else {
+                    setOnPreferenceClickListener {
+                        val biometricChecked = biometricUnlockEnablePreference.isChecked
+                        val deviceCredentialChecked = deviceCredentialUnlockEnablePreference?.isChecked ?: false
+                        if (!biometricChecked) {
+                            biometricUnlockEnablePreference.isChecked = true
+                            deleteKeysMessage(activity) {
+                                biometricUnlockEnablePreference.isChecked = false
+                                autoOpenPromptPreference?.isEnabled = deviceCredentialChecked
+                                tempAdvancedUnlockPreference?.isEnabled = deviceCredentialChecked
+                            }
+                        } else {
+                            if (deviceCredentialChecked) {
+                                biometricUnlockEnablePreference.isChecked = false
+                                deleteKeysMessage(activity) {
+                                    biometricUnlockEnablePreference.isChecked = true
+                                    deviceCredentialUnlockEnablePreference?.isChecked = false
                                }
-                                .setNegativeButton(resources.getString(android.R.string.cancel))
-                                { _, _ -> }.show()
+                            } else {
+                                autoOpenPromptPreference?.isEnabled = true
+                                tempAdvancedUnlockPreference?.isEnabled = true
+                            }
+                        }
+                        true
                    }
+                }
+            }
+
+            val deviceCredentialUnlockSupported = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
+                AdvancedUnlockManager.deviceCredentialUnlockSupported(activity)
+            } else false
+            deviceCredentialUnlockEnablePreference?.apply {
+                // Biometric unlock already checked
+                if (biometricUnlockEnablePreference?.isChecked == true)
+                    isChecked = false
+                if (!deviceCredentialUnlockSupported) {
+                    isChecked = false
+                    setOnPreferenceClickListener { preference ->
+                        (preference as SwitchPreference).isChecked = false
+                        UnavailableFeatureDialogFragment.getInstance(Build.VERSION_CODES.M)
+                                .show(parentFragmentManager, "unavailableFeatureDialog")
+                        false
+                    }
+                } else {
+                    setOnPreferenceClickListener {
+                        val deviceCredentialChecked = deviceCredentialUnlockEnablePreference.isChecked
+                        val biometricChecked = biometricUnlockEnablePreference?.isChecked ?: false
+                        if (!deviceCredentialChecked) {
+                            deviceCredentialUnlockEnablePreference.isChecked = true
+                            deleteKeysMessage(activity) {
+                                deviceCredentialUnlockEnablePreference.isChecked = false
+                                autoOpenPromptPreference?.isEnabled = biometricChecked
+                                tempAdvancedUnlockPreference?.isEnabled = biometricChecked
+                            }
+                        } else {
+                            if (biometricChecked) {
+                                deviceCredentialUnlockEnablePreference.isChecked = false
+                                deleteKeysMessage(activity) {
+                                    deviceCredentialUnlockEnablePreference.isChecked = true
+                                    biometricUnlockEnablePreference?.isChecked = false
+                                }
+                            } else {
+                                autoOpenPromptPreference?.isEnabled = true
+                                tempAdvancedUnlockPreference?.isEnabled = true
+                            }
+                        }
+                        true
+                    }
+                }
+            }
+
+            autoOpenPromptPreference?.isEnabled = biometricUnlockEnablePreference?.isChecked == true
+                        || deviceCredentialUnlockEnablePreference?.isChecked == true
+            tempAdvancedUnlockPreference?.isEnabled = biometricUnlockEnablePreference?.isChecked == true
+                    || deviceCredentialUnlockEnablePreference?.isChecked == true
+
+            tempAdvancedUnlockPreference?.setOnPreferenceClickListener {
+                tempAdvancedUnlockPreference.isChecked = !tempAdvancedUnlockPreference.isChecked
+                deleteKeysMessage(activity) {
+                    tempAdvancedUnlockPreference.isChecked = !tempAdvancedUnlockPreference.isChecked
+                }
+                true
+            }
+
+            val deleteKeysFingerprints: Preference? = findPreference(getString(R.string.biometric_delete_all_key_key))
+            if (biometricUnlockSupported || deviceCredentialUnlockSupported) {
+                deleteKeysFingerprints?.setOnPreferenceClickListener {
+                    deleteKeysMessage(activity)
                    false
                }
+            } else {
+                deleteKeysFingerprints?.isEnabled = false
            }
        }

@@ -269,6 +331,42 @@ class NestedAppSettingsFragment : NestedSettingsFragment() {
        }
    }

+    private fun deleteKeysMessage(activity: FragmentActivity, validate: (()->Unit)? = null) {
+        deleteKeysAlertDialog = AlertDialog.Builder(activity)
+                .setMessage(resources.getString(R.string.advanced_unlock_delete_all_key_warning))
+                .setIcon(android.R.drawable.ic_dialog_alert)
+                .setPositiveButton(resources.getString(android.R.string.ok)
+                ) { _, _ ->
+                    validate?.invoke()
+                    deleteKeysAlertDialog?.setOnDismissListener(null)
+                    if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
+                        AdvancedUnlockManager.deleteEntryKeyInKeystoreForBiometric(
+                                activity,
+                                object : AdvancedUnlockManager.AdvancedUnlockErrorCallback {
+                                    fun showException(e: Exception) {
+                                        Toast.makeText(context,
+                                                getString(R.string.advanced_unlock_scanning_error, e.localizedMessage),
+                                                Toast.LENGTH_SHORT).show()
+                                    }
+
+                                    override fun onInvalidKeyException(e: Exception) {
+                                        showException(e)
+                                    }
+
+                                    override fun onGenericException(e: Exception) {
+                                        showException(e)
+                                    }
+                                })
+                    }
+                    AdvancedUnlockNotificationService.stopService(activity.applicationContext)
+                    CipherDatabaseAction.getInstance(activity.applicationContext).deleteAll()
+                }
+                .setNegativeButton(resources.getString(android.R.string.cancel)
+                ) { _, _ ->}
+                .create()
+        deleteKeysAlertDialog?.show()
+    }
+
    private fun onCreateAppearancePreferences(rootKey: String?) {
        setPreferencesFromResource(R.xml.preferences_appearance, rootKey)

@@ -328,7 +426,6 @@ class NestedAppSettingsFragment : NestedSettingsFragment() {

    override fun onResume() {
        super.onResume()
-
        activity?.let { activity ->
            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
                findPreference<SwitchPreference?>(getString(R.string.settings_autofill_enable_key))?.let { autoFillEnablePreference ->
@@ -340,6 +437,11 @@ class NestedAppSettingsFragment : NestedSettingsFragment() {
        }
    }

+    override fun onPause() {
+        deleteKeysAlertDialog?.dismiss()
+        super.onPause()
+    }
+
    private var mCount = 0
    override fun onStop() {
        super.onStop()
--- a/app/src/main/java/com/kunzisoft/keepass/settings/NestedDatabaseSettingsFragment.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/settings/NestedDatabaseSettingsFragment.kt
@@ -552,6 +552,10 @@ class NestedDatabaseSettingsFragment : NestedSettingsFragment() {
                settingActivity?.mProgressDatabaseTaskProvider?.startDatabaseSave(!mDatabaseReadOnly)
                true
            }
+            R.id.menu_reload_database -> {
+                settingActivity?.mProgressDatabaseTaskProvider?.startDatabaseReload(false)
+                return true
+            }

            else -> {
                // Check the time lock before launching settings
--- a/app/src/main/java/com/kunzisoft/keepass/settings/PreferencesUtil.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/settings/PreferencesUtil.kt
@@ -19,12 +19,14 @@
 */
 package com.kunzisoft.keepass.settings

+import android.app.backup.BackupManager
 import android.content.Context
 import android.content.res.Resources
 import android.net.Uri
 import androidx.preference.PreferenceManager
 import com.kunzisoft.keepass.BuildConfig
 import com.kunzisoft.keepass.R
+import com.kunzisoft.keepass.biometric.AdvancedUnlockManager
 import com.kunzisoft.keepass.database.element.SortNodeEnum
 import com.kunzisoft.keepass.timeout.TimeoutHelper
 import java.util.*
@@ -43,6 +45,7 @@ object PreferencesUtil {
            }
            apply()
        }
+        BackupManager(context).dataChanged()
    }

    fun getDefaultDatabasePath(context: Context): String? {
@@ -201,6 +204,13 @@ object PreferencesUtil {
                ?: TimeoutHelper.DEFAULT_TIMEOUT
    }

+    fun getAdvancedUnlockTimeout(context: Context): Long {
+        val prefs = PreferenceManager.getDefaultSharedPreferences(context)
+        return prefs.getString(context.getString(R.string.temp_advanced_unlock_timeout_key),
+                context.getString(R.string.temp_advanced_unlock_timeout_default))?.toLong()
+                ?: TimeoutHelper.DEFAULT_TIMEOUT
+    }
+
    fun isLockDatabaseWhenScreenShutOffEnable(context: Context): Boolean {
        val prefs = PreferenceManager.getDefaultSharedPreferences(context)
        return prefs.getBoolean(context.getString(R.string.lock_database_screen_off_key),
@@ -225,13 +235,38 @@ object PreferencesUtil {
                context.resources.getBoolean(R.bool.enable_auto_save_database_default))
    }

-    fun isBiometricUnlockEnable(context: Context): Boolean {
-        val prefs = PreferenceManager.getDefaultSharedPreferences(context)
-        return prefs.getBoolean(context.getString(R.string.biometric_unlock_enable_key),
-                context.resources.getBoolean(R.bool.biometric_unlock_enable_default))
+    fun isAdvancedUnlockEnable(context: Context): Boolean {
+        return isBiometricUnlockEnable(context) || isDeviceCredentialUnlockEnable(context)
    }

-    fun isBiometricPromptAutoOpenEnable(context: Context): Boolean {
+    fun isBiometricUnlockEnable(context: Context): Boolean {
+        val prefs = PreferenceManager.getDefaultSharedPreferences(context)
+        val biometricSupported = if (android.os.Build.VERSION.SDK_INT >= android.os.Build.VERSION_CODES.M) {
+            AdvancedUnlockManager.biometricUnlockSupported(context)
+        } else {
+            false
+        }
+        return prefs.getBoolean(context.getString(R.string.biometric_unlock_enable_key),
+                context.resources.getBoolean(R.bool.biometric_unlock_enable_default))
+                && biometricSupported
+    }
+
+    fun isDeviceCredentialUnlockEnable(context: Context): Boolean {
+        val prefs = PreferenceManager.getDefaultSharedPreferences(context)
+        // Priority to biometric unlock
+        val biometricAlreadySupported = isBiometricUnlockEnable(context)
+        return prefs.getBoolean(context.getString(R.string.device_credential_unlock_enable_key),
+                context.resources.getBoolean(R.bool.device_credential_unlock_enable_default))
+                && !biometricAlreadySupported
+    }
+
+    fun isTempAdvancedUnlockEnable(context: Context): Boolean {
+        val prefs = PreferenceManager.getDefaultSharedPreferences(context)
+        return prefs.getBoolean(context.getString(R.string.temp_advanced_unlock_enable_key),
+                context.resources.getBoolean(R.bool.temp_advanced_unlock_enable_default))
+    }
+
+    fun isAdvancedUnlockPromptAutoOpenEnable(context: Context): Boolean {
        val prefs = PreferenceManager.getDefaultSharedPreferences(context)
        return prefs.getBoolean(context.getString(R.string.biometric_auto_open_prompt_key),
                context.resources.getBoolean(R.bool.biometric_auto_open_prompt_default))
@@ -401,13 +436,18 @@ object PreferencesUtil {
                context.resources.getBoolean(R.bool.autofill_close_database_default))
    }

-
    fun isAutofillAutoSearchEnable(context: Context): Boolean {
        val prefs = PreferenceManager.getDefaultSharedPreferences(context)
        return prefs.getBoolean(context.getString(R.string.autofill_auto_search_key),
                context.resources.getBoolean(R.bool.autofill_auto_search_default))
    }

+    fun isAutofillInlineSuggestionsEnable(context: Context): Boolean {
+        val prefs = PreferenceManager.getDefaultSharedPreferences(context)
+        return prefs.getBoolean(context.getString(R.string.autofill_inline_suggestions_key),
+                context.resources.getBoolean(R.bool.autofill_inline_suggestions_default))
+    }
+
    fun isAutofillSaveSearchInfoEnable(context: Context): Boolean {
        val prefs = PreferenceManager.getDefaultSharedPreferences(context)
        return prefs.getBoolean(context.getString(R.string.autofill_save_search_info_key),
--- a/app/src/main/java/com/kunzisoft/keepass/settings/SettingsActivity.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/settings/SettingsActivity.kt
@@ -1,5 +1,5 @@
 /*
- * Copyright 2017 Brian Pellin, Jeremy Jamet / Kunzisoft.
+ * Copyright 2020 Jeremy Jamet / Kunzisoft.
 *     
 * This file is part of KeePassDX.
 *
@@ -21,7 +21,6 @@ package com.kunzisoft.keepass.settings

 import android.app.Activity
 import android.app.backup.BackupManager
-import android.content.DialogInterface
 import android.content.Intent
 import android.net.Uri
 import android.os.Bundle
@@ -35,7 +34,9 @@ import com.kunzisoft.keepass.activities.dialogs.AssignMasterKeyDialogFragment
 import com.kunzisoft.keepass.activities.dialogs.PasswordEncodingDialogFragment
 import com.kunzisoft.keepass.activities.helpers.ReadOnlyHelper
 import com.kunzisoft.keepass.activities.lock.LockingActivity
+import com.kunzisoft.keepass.activities.lock.resetAppTimeoutWhenViewFocusedOrChanged
 import com.kunzisoft.keepass.database.element.Database
+import com.kunzisoft.keepass.notifications.DatabaseTaskNotificationService
 import com.kunzisoft.keepass.timeout.TimeoutHelper
 import com.kunzisoft.keepass.view.showActionError

@@ -81,7 +82,7 @@ open class SettingsActivity
        }

        // Focus view to reinitialize timeout
-        resetAppTimeoutWhenViewFocusedOrChanged(coordinatorLayout)
+        coordinatorLayout?.resetAppTimeoutWhenViewFocusedOrChanged(this)

        if (savedInstanceState == null) {
            supportFragmentManager.beginTransaction()
@@ -94,12 +95,28 @@ open class SettingsActivity
        backupManager = BackupManager(this)

        mProgressDatabaseTaskProvider?.onActionFinish = { actionTask, result ->
-            // Call result in fragment
-            (supportFragmentManager
-                    .findFragmentByTag(TAG_NESTED) as NestedSettingsFragment?)
-                    ?.onProgressDialogThreadResult(actionTask, result)
+            when (actionTask) {
+                DatabaseTaskNotificationService.ACTION_DATABASE_RELOAD_TASK -> {
+                    // Reload the current activity
+                    startActivity(intent)
+                    finish()
+                    overridePendingTransition(android.R.anim.fade_in, android.R.anim.fade_out)
+                }
+                else -> {
+                    // Call result in fragment
+                    (supportFragmentManager
+                            .findFragmentByTag(TAG_NESTED) as NestedSettingsFragment?)
+                            ?.onProgressDialogThreadResult(actionTask, result)
+                    coordinatorLayout?.showActionError(result)
+                }
+            }
+        }

-            coordinatorLayout?.showActionError(result)
+        // To reload the current screen
+        if (intent.extras?.containsKey(FRAGMENT_ARG) == true) {
+            intent.extras?.getString(FRAGMENT_ARG)?.let { fragmentScreenName ->
+                onNestedPreferenceSelected(NestedSettingsFragment.Screen.valueOf(fragmentScreenName), true)
+            }
        }
    }

@@ -192,25 +209,33 @@ open class SettingsActivity
        hideOrShowLockButton(NestedSettingsFragment.Screen.APPLICATION)
    }

-    private fun replaceFragment(key: NestedSettingsFragment.Screen) {
-        supportFragmentManager.beginTransaction()
-                .setCustomAnimations(R.anim.slide_in_right, R.anim.slide_out_left,
+    private fun replaceFragment(key: NestedSettingsFragment.Screen, reload: Boolean) {
+        supportFragmentManager.beginTransaction().apply {
+            if (reload) {
+                setCustomAnimations(android.R.anim.fade_in, android.R.anim.fade_out,
                        R.anim.slide_in_left, R.anim.slide_out_right)
-                .replace(R.id.fragment_container, NestedSettingsFragment.newInstance(key, mReadOnly), TAG_NESTED)
-                .addToBackStack(TAG_NESTED)
-                .commit()
+            } else {
+                setCustomAnimations(R.anim.slide_in_right, R.anim.slide_out_left,
+                        R.anim.slide_in_left, R.anim.slide_out_right)
+            }
+            replace(R.id.fragment_container, NestedSettingsFragment.newInstance(key, mReadOnly), TAG_NESTED)
+            addToBackStack(TAG_NESTED)
+            commit()
+        }

        toolbar?.title = NestedSettingsFragment.retrieveTitle(resources, key)
+        // To reload the current screen
+        intent.putExtra(FRAGMENT_ARG, key.name)
        hideOrShowLockButton(key)
    }

-    override fun onNestedPreferenceSelected(key: NestedSettingsFragment.Screen) {
+    override fun onNestedPreferenceSelected(key: NestedSettingsFragment.Screen, reload: Boolean) {
        if (mTimeoutEnable)
            TimeoutHelper.checkTimeAndLockIfTimeoutOrResetTimeout(this) {
-                replaceFragment(key)
+                replaceFragment(key, reload)
            }
        else
-            replaceFragment(key)
+            replaceFragment(key, reload)
    }

    override fun onSaveInstanceState(outState: Bundle) {
@@ -225,6 +250,7 @@ open class SettingsActivity
        private const val SHOW_LOCK = "SHOW_LOCK"
        private const val TITLE_KEY = "TITLE_KEY"
        private const val TAG_NESTED = "TAG_NESTED"
+        private const val FRAGMENT_ARG = "FRAGMENT_ARG"

        fun launch(activity: Activity, readOnly: Boolean, timeoutEnable: Boolean) {
            val intent = Intent(activity, SettingsActivity::class.java)
--- a/app/src/main/java/com/kunzisoft/keepass/utils/BroadcastAction.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/utils/BroadcastAction.kt
@@ -77,13 +77,15 @@ class LockReceiver(var lockAction: () -> Unit) : BroadcastReceiver() {
                            cancelLockPendingIntent(context)
                        }
                    }
-                    LOCK_ACTION,
-                    REMOVE_ENTRY_MAGIKEYBOARD_ACTION -> {
+                    LOCK_ACTION -> {
                        lockAction.invoke()
                        if (PreferencesUtil.isKeyboardPreviousLockEnable(context)) {
                            backToPreviousKeyboardAction?.invoke()
                        } else {}
                    }
+                    REMOVE_ENTRY_MAGIKEYBOARD_ACTION -> {
+                        lockAction.invoke()
+                    }
                    BACK_PREVIOUS_KEYBOARD_ACTION -> {
                        backToPreviousKeyboardAction?.invoke()
                    }
@@ -136,5 +138,5 @@ fun Context.closeDatabase() {
        cancelAll()
    }
    // Clear data
-    Database.getInstance().closeAndClear(UriUtil.getBinaryDir(this))
+    Database.getInstance().clearAndClose(UriUtil.getBinaryDir(this))
 }
--- a/app/src/main/java/com/kunzisoft/keepass/utils/MenuUtil.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/utils/MenuUtil.kt
@@ -53,23 +53,19 @@ object MenuUtil {
    fun onDefaultMenuOptionsItemSelected(activity: Activity,
                                         item: MenuItem,
                                         readOnly: Boolean = READ_ONLY_DEFAULT,
-                                         timeoutEnable: Boolean = false): Boolean {
+                                         timeoutEnable: Boolean = false) {
        when (item.itemId) {
            R.id.menu_contribute -> {
                onContributionItemSelected(activity)
-                return true
            }
            R.id.menu_app_settings -> {
                // To avoid flickering when launch settings in a LockingActivity
                SettingsActivity.launch(activity, readOnly, timeoutEnable)
-                return true
            }
            R.id.menu_about -> {
                val intent = Intent(activity, AboutActivity::class.java)
                activity.startActivity(intent)
-                return true
            }
-            else -> return true
        }
    }
 }
--- a/app/src/main/java/com/kunzisoft/keepass/utils/StringUtil.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/utils/StringUtil.kt
@@ -0,0 +1,26 @@
+package com.kunzisoft.keepass.utils
+
+object StringUtil {
+
+    fun String.removeLineChars(): String {
+        return this.replace("[\\r|\\n|\\t|\\u00A0]+".toRegex(), "")
+    }
+
+    fun String.removeSpaceChars(): String {
+        return this.replace("[\\r|\\n|\\t|\\s|\\u00A0]+".toRegex(), "")
+    }
+
+    fun String.hexStringToByteArray(): ByteArray {
+        val len = this.length
+        val data = ByteArray(len / 2)
+        var i = 0
+        while (i < len) {
+            data[i / 2] = ((Character.digit(this[i], 16) shl 4)
+                    + Character.digit(this[i + 1], 16)).toByte()
+            i += 2
+        }
+        return data
+    }
+
+    fun ByteArray.toHexString() = joinToString("") { "%02X".format(it) }
+}
--- a/app/src/main/java/com/kunzisoft/keepass/view/AdvancedUnlockInfoView.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/view/AdvancedUnlockInfoView.kt
@@ -27,10 +27,12 @@ import android.view.View
 import android.widget.ImageView
 import android.widget.LinearLayout
 import android.widget.TextView
+import androidx.annotation.RequiresApi
 import androidx.annotation.StringRes
 import com.kunzisoft.keepass.R
 import com.kunzisoft.keepass.biometric.FingerPrintAnimatedVector

+@RequiresApi(api = Build.VERSION_CODES.M)
 class AdvancedUnlockInfoView @JvmOverloads constructor(context: Context,
                                                       attrs: AttributeSet? = null,
                                                       defStyle: Int = 0)
@@ -48,25 +50,25 @@ class AdvancedUnlockInfoView @JvmOverloads constructor(context: Context,
        inflater?.inflate(R.layout.view_advanced_unlock, this)

        unlockContainerView = findViewById(R.id.fingerprint_container)
-
-        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
-            unlockTitleTextView = findViewById(R.id.biometric_title)
-            unlockMessageTextView = findViewById(R.id.biometric_message)
-            unlockIconImageView = findViewById(R.id.biometric_image)
-            // Init the fingerprint animation
-            unlockAnimatedVector = FingerPrintAnimatedVector(context, unlockIconImageView!!)
-        }
+        unlockTitleTextView = findViewById(R.id.biometric_title)
+        unlockMessageTextView = findViewById(R.id.biometric_message)
+        unlockIconImageView = findViewById(R.id.biometric_image)
    }

-    fun startIconViewAnimation() {
-        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
-            unlockAnimatedVector?.startScan()
-        }
+    private fun startIconViewAnimation() {
+        unlockAnimatedVector?.startScan()
    }

-    fun stopIconViewAnimation() {
-        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
-            unlockAnimatedVector?.stopScan()
+    private fun stopIconViewAnimation() {
+        unlockAnimatedVector?.stopScan()
+    }
+
+    fun setIconResource(iconId: Int) {
+        unlockIconImageView?.setImageResource(iconId)
+        // Init the fingerprint animation
+        unlockAnimatedVector = when (iconId) {
+            R.drawable.fingerprint -> FingerPrintAnimatedVector(context, unlockIconImageView!!)
+            else -> null
        }
    }

--- a/app/src/main/java/com/kunzisoft/keepass/view/EntryContentsView.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/view/EntryContentsView.kt
@@ -48,8 +48,8 @@ import java.util.*


 class EntryContentsView @JvmOverloads constructor(context: Context,
-                                                  var attrs: AttributeSet? = null,
-                                                  var defStyle: Int = 0)
+                                                  attrs: AttributeSet? = null,
+                                                  defStyle: Int = 0)
    : LinearLayout(context, attrs, defStyle) {

    private var fontInVisibility: Boolean = false
@@ -67,7 +67,6 @@ class EntryContentsView @JvmOverloads constructor(context: Context,

    private val creationDateView: TextView
    private val modificationDateView: TextView
-    private val lastAccessDateView: TextView
    private val expiresImageView: ImageView
    private val expiresDateView: TextView

@@ -117,7 +116,6 @@ class EntryContentsView @JvmOverloads constructor(context: Context,

        creationDateView = findViewById(R.id.entry_created)
        modificationDateView = findViewById(R.id.entry_modified)
-        lastAccessDateView = findViewById(R.id.entry_accessed)
        expiresImageView = findViewById(R.id.entry_expires_image)
        expiresDateView = findViewById(R.id.entry_expires_date)

@@ -258,20 +256,13 @@ class EntryContentsView @JvmOverloads constructor(context: Context,
        modificationDateView.text = date.getDateTimeString(resources)
    }

-    fun assignLastAccessDate(date: DateInstant) {
-        lastAccessDateView.text = date.getDateTimeString(resources)
-    }
-
-    fun setExpires(isExpires: Boolean) {
+    fun setExpires(isExpires: Boolean, expiryTime: DateInstant) {
        expiresImageView.visibility = if (isExpires) View.VISIBLE else View.GONE
-    }
-
-    fun assignExpiresDate(date: DateInstant) {
-        assignExpiresDate(date.getDateTimeString(resources))
-    }
-
-    fun assignExpiresDate(constString: String) {
-        expiresDateView.text = constString
+        expiresDateView.text = if (isExpires) {
+            expiryTime.getDateTimeString(resources)
+        } else {
+            resources.getString(R.string.never)
+        }
    }

    fun assignUUID(uuid: UUID) {
@@ -279,7 +270,6 @@ class EntryContentsView @JvmOverloads constructor(context: Context,
        uuidReferenceView.text = UuidUtil.toHexString(uuid)
    }

-
    fun setHiddenProtectedValue(hiddenProtectedValue: Boolean) {
        passwordFieldView.hiddenProtectedValue = hiddenProtectedValue
        // Hidden style for custom fields
@@ -306,7 +296,7 @@ class EntryContentsView @JvmOverloads constructor(context: Context,
                      allowCopy: Boolean,
                      onCopyButtonClickListener: OnClickListener?) {

-        val entryCustomField: EntryField? = EntryField(context, attrs, defStyle)
+        val entryCustomField: EntryField? = EntryField(context)
        entryCustomField?.apply {
            setLabel(title)
            setValue(value.toString(), value.isProtected)
--- a/app/src/main/java/com/kunzisoft/keepass/view/KeyFileSelectionView.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/view/KeyFileSelectionView.kt
@@ -4,7 +4,6 @@ import android.content.Context
 import android.net.Uri
 import android.util.AttributeSet
 import android.view.LayoutInflater
-import android.widget.ImageView
 import android.widget.TextView
 import androidx.constraintlayout.widget.ConstraintLayout
 import androidx.documentfile.provider.DocumentFile
@@ -20,7 +19,6 @@ class KeyFileSelectionView @JvmOverloads constructor(context: Context,

    private val keyFileNameInputLayout: TextInputLayout
    private val keyFileNameView: TextView
-    private val keyFileOpenView: ImageView

    init {
        val inflater = context.getSystemService(Context.LAYOUT_INFLATER_SERVICE) as LayoutInflater?
@@ -28,7 +26,6 @@ class KeyFileSelectionView @JvmOverloads constructor(context: Context,

        keyFileNameInputLayout = findViewById(R.id.input_entry_keyfile)
        keyFileNameView = findViewById(R.id.keyfile_name)
-        keyFileOpenView = findViewById(R.id.keyfile_open_button)
    }

    override fun setOnClickListener(l: OnClickListener?) {
--- a/app/src/main/java/com/kunzisoft/keepass/viewmodels/DatabaseFileViewModel.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/viewmodels/DatabaseFileViewModel.kt
@@ -4,8 +4,12 @@ import android.app.Application
 import android.net.Uri
 import androidx.lifecycle.AndroidViewModel
 import androidx.lifecycle.MutableLiveData
+import com.kunzisoft.keepass.app.App
 import com.kunzisoft.keepass.app.database.FileDatabaseHistoryAction
+import com.kunzisoft.keepass.app.database.IOActionTask
 import com.kunzisoft.keepass.model.DatabaseFile
+import com.kunzisoft.keepass.settings.PreferencesUtil
+import com.kunzisoft.keepass.utils.UriUtil

 class DatabaseFileViewModel(application: Application) : AndroidViewModel(application) {

@@ -15,6 +19,33 @@ class DatabaseFileViewModel(application: Application) : AndroidViewModel(applica
        mFileDatabaseHistoryAction = FileDatabaseHistoryAction.getInstance(application.applicationContext)
    }

+    val isDefaultDatabase: MutableLiveData<Boolean> by lazy {
+        MutableLiveData<Boolean>()
+    }
+
+    fun checkIfIsDefaultDatabase(databaseUri: Uri) {
+        IOActionTask(
+                {
+                    (UriUtil.parse(PreferencesUtil.getDefaultDatabasePath(getApplication<App>().applicationContext))
+                        == databaseUri)
+                },
+                {
+                    isDefaultDatabase.value = it
+                }
+        ).execute()
+    }
+
+    fun removeDefaultDatabase() {
+        IOActionTask(
+                {
+                    PreferencesUtil.saveDefaultDatabasePath(getApplication<App>().applicationContext,
+                            null)
+                },
+                {
+                }
+        ).execute()
+    }
+
    val databaseFileLoaded: MutableLiveData<DatabaseFile> by lazy {
        MutableLiveData<DatabaseFile>()
    }
--- a/app/src/main/java/com/kunzisoft/keepass/viewmodels/DatabaseFilesViewModel.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/viewmodels/DatabaseFilesViewModel.kt
@@ -1,7 +1,6 @@
 package com.kunzisoft.keepass.viewmodels

 import android.app.Application
-import android.app.backup.BackupManager
 import android.net.Uri
 import androidx.lifecycle.AndroidViewModel
 import androidx.lifecycle.MutableLiveData
@@ -42,11 +41,8 @@ class DatabaseFilesViewModel(application: Application) : AndroidViewModel(applic
    fun setDefaultDatabase(databaseFile: DatabaseFile?) {
        IOActionTask(
                {
-                    val context = getApplication<App>().applicationContext
-                    UriUtil.parse(PreferencesUtil.getDefaultDatabasePath(context))
-                    PreferencesUtil.saveDefaultDatabasePath(context, databaseFile?.databaseUri)
-                    val backupManager = BackupManager(context)
-                    backupManager.dataChanged()
+                    PreferencesUtil.saveDefaultDatabasePath(getApplication<App>().applicationContext,
+                            databaseFile?.databaseUri)
                },
                {
                    checkDefaultDatabase()
--- a/app/src/main/java/com/kunzisoft/keepass/viewmodels/FileDatabaseInfo.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/viewmodels/FileDatabaseInfo.kt
@@ -23,7 +23,6 @@ import android.content.Context
 import android.net.Uri
 import android.text.format.Formatter
 import androidx.documentfile.provider.DocumentFile
-import com.kunzisoft.keepass.settings.PreferencesUtil
 import com.kunzisoft.keepass.utils.UriUtil
 import java.io.Serializable
 import java.text.DateFormat
@@ -58,7 +57,11 @@ class FileDatabaseInfo : Serializable {
        }
        private set

-    fun getModificationString(): String? {
+    fun getLastModification(): Long? {
+        return documentFile?.lastModified()
+    }
+
+    fun getLastModificationString(): String? {
        return documentFile?.lastModified()?.let {
            if (it != 0L) {
                DateFormat.getDateTimeInstance()
@@ -69,6 +72,10 @@ class FileDatabaseInfo : Serializable {
        }
    }

+    fun getSize(): Long? {
+        return documentFile?.length()
+    }
+
    fun getSizeString(): String? {
        return documentFile?.let {
            Formatter.formatFileSize(context, it.length())
--- a/app/src/main/jni/argon2/argon2_jni.c
+++ b/app/src/main/jni/argon2/argon2_jni.c
@@ -129,7 +129,7 @@ void throwExceptionF(JNIEnv *env, jclass exception, const char *format, ...) {

 JNIEXPORT jbyteArray
 JNICALL Java_com_kunzisoft_keepass_crypto_keyDerivation_Argon2Native_nTransformMasterKey(JNIEnv *env,
-   jobject this, jbyteArray password, jbyteArray salt, jint parallelism, jint memory,
+   jobject this, jint type, jbyteArray password, jbyteArray salt, jint parallelism, jint memory,
   jint iterations, jbyteArray secretKey, jbyteArray associatedData, jint version) {

    argon2_context context;
@@ -169,7 +169,7 @@ JNICALL Java_com_kunzisoft_keepass_crypto_keyDerivation_Argon2Native_nTransformM
    context.flags = ARGON2_DEFAULT_FLAGS;
    context.version = (uint32_t) version;

-    int argonResult = argon2_ctx(&context, Argon2_d);
+    int argonResult = argon2_ctx(&context, (argon2_type) type);

    jbyteArray result;
    if (argonResult != ARGON2_OK) {
--- a/Show More
+++ b/Show More