For an unregistered .com. Most desirable .com's have been squatted, and the squatters want five to six digits for the domain. The business model deserves a fiery death, yet it thrives.
Fair point. Most of my domains have not been .com's but when I've registered I've checked if the .com was available and for the most part they have been.
So cities recently have been toying with vacancy taxes that target rich people using prime real estate speculatively or who wish to reserve a unit without anyone having lived there for cultural reasons - maybe that's the sort of tactic we need to examine with domains, some sort of creative usage bar that utilizes distinctness from other domains to detect squatting and levy a fee.
Change the name. Especially if you're a security oriented service and not having the dot com opens you up to this sort of, I guess its phishing? .info and all are basically active red flags, especially for a security oriented project...
Honestly the Keepass maintainers have had enough basic issues with website security (see how long they held out on https for update downloads), that I use KeepassXC even on Windows these days. I figure there's enough eyes on the kdbx 4 protocol that it's safe, but the keepassxc team feels better organised.
