I would like to see some options to react to multiple failed master password attempts.
Delay next master password attempt
Clear key file / erase local data forcing you to reconnect to the cloud sync.
Currently, if someone has my phone, they can guess multiple times without any penalty. If they have my phone, they have my keyfile.