I would like to suggest having separate encryption for cloud syncing . This would enable have a really long password for the cloud. I use a non trivial password, but it is not nearly as secure as a random 30 character mixed case and symbols would be. mSecure currently has this feature but is dropping cloud sync with its next release. I don't know how difficult this would be to implement but since you already use a separate file for sync I hope it would be easy enough to add to your road map. It would give me a better sense of security knowing my cloud file had a very secure password.