EDIT: Lol, it doesn’t actually work +___+ It is enabled in KeepassXC but it just doesn’t do anything. Welp.
Here’s a neat trick I just found out (with a hint from here):
In Wayland you can’t use KeepassXC’s very cool Auto-Type feature (it’s somehow Qt’s fault?) but if you installed it as a Flatpak you can go into KDE Settings, search for “Flatpak Permission Settings” and in the settings for KeepassXC under “Advanced” you can disable “Wayland Windowing System” to make it work. Nice!
That window titles can be easily changed is quite true, so all applications I know monitor such changes and abort the autotype on request when a change is made. But as already said, this is not a security feature, at least not a useful one.
Monitoring the application itself makes no sense for a password manager. As you write yourself, it’s easy to customize the title. All applications make use of this. It is already changed when the tab in the browser changes, a new page is loaded or similar. The same is true for non-browser applications. Windows also allows read access to window titles.
What the Wayland developers do is, in my opinion, gross mischief or ignorance regarding window titles. The password manager needs a simple way to assign a window to an entry, which should be the same for all applications. This should be the same for all DE’s, window managers and OS. The simplest is the window title. The status bar makes no sense and an API would have to be the same or at least similar across all DE’s, window managers and OS. Such a thing does not exist. To implement something like that only for KDE is too niche. This would have to be implemented and established, if already for the broad mass. So also for Gnome, Mate, Cinnamon and all the others. Not to forget, this must also work for Windows and MacOS in a similar way.
deleted by creator
I absolutely never trust blindly in such things. I have never seen a plausible explanation why this is a security feature.
When there are dev’s from X11 involved, this is fine and it seems that this leads to decisions which prevent from current X11 issues. But it absolutely is no guarantee that everything is trustable. I’m not that expert, but your mentioned link points in the right direction. But as long this isn’t supported in the wide mass, it’s only a wish…