Suggestion: sign binaries, publish sha256 hashes
Created by: rolandog
Maybe this is an issue that might be tied to #189, but I would think that the availability of sha256 hashes and binaries that are signed should be considered, given the nature of what MasterPasswordApp handles.
I would point to Vagrant's security page for a showcase on good practices. Though there are many others that come to mind.