diff --git a/ui/BankingAndroidApp/src/main/java/net/dankito/banking/ui/android/security/CryptographyManager.kt b/ui/BankingAndroidApp/src/main/java/net/dankito/banking/ui/android/security/CryptographyManager.kt
index dce24c14..94a4e795 100644
--- a/ui/BankingAndroidApp/src/main/java/net/dankito/banking/ui/android/security/CryptographyManager.kt
+++ b/ui/BankingAndroidApp/src/main/java/net/dankito/banking/ui/android/security/CryptographyManager.kt
@@ -109,7 +109,7 @@ open class CryptographyManager {
 protected open fun generatePbeSecretKey(userPassword: String, salt: ByteArray): SecretKey {
 // Initialize PBE with password
- val factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
+ val factory = SecretKeyFactory.getInstance(findBestPbeAlgorithm()!!)
 val spec = PBEKeySpec(userPassword.toCharArray(), salt, 65536, 256)
 val key = factory.generateSecret(spec)
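Review bot: The added `findBestPbeAlgorithm()!!` makes the key-derivation algorithm depend on whichever providers the device reports at call time, so the same password and salt can yield a different key after an OS or provider update, and data encrypted earlier would no longer decrypt. If the chosen algorithm name is not already stored next to the salt (not visible in this hunk), persist it and reuse it for existing data, choosing afresh only when a new key is created. The `!!` also surfaces a missing PBKDF2 factory as a bare NullPointerException; `val algorithm = checkNotNull(findBestPbeAlgorithm()) { "No PBKDF2 SecretKeyFactory available" }` would fail with a clear message instead. generatePbeSecretKey's body continues past the end of the hunk.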
@@ -126,4 +126,37 @@ open class CryptographyManager {
 }
 }
+
+ open fun findBestPbeAlgorithm(): String? {
+ return findBestMatchingAlgorithm(SecurityProviderServiceType.SecretKeyFactory, "PBKDF2","PBKDF2WithHmacSHA256")
+ ?: findBestMatchingAlgorithm(SecurityProviderServiceType.SecretKeyFactory, "PBE")
+ }
+
+ open fun findBestMatchingAlgorithm(type: SecurityProviderServiceType, nameStartsWith: String, vararg preferredAlgorithms: String): String? {
+ val supportedAlgorithms = listServiceTypeAlgorithmsWithName(type, "PBKDF2")
+
+ val bestMatchingAlgorithm = preferredAlgorithms.firstOrNull { supportedAlgorithms.contains(it) }
+ ?: supportedAlgorithms.maxBy { it.length }
+
+ return bestMatchingAlgorithm
+ }
+
+ open fun listServiceTypeAlgorithmsWithName(type: SecurityProviderServiceType, nameStartsWith: String): List {
+ return listServiceTypeAlgorithms(type)
+ .filter { it.startsWith(nameStartsWith, true) }
+ }
+
+ open fun listServiceTypeAlgorithms(type: SecurityProviderServiceType): List {
+ val algorithms = mutableListOf()
+
+ Security.getProviders().forEach { provider ->
+ algorithms.addAll(provider.services
+ .filter { it.type == type.type }
+ .map { it.algorithm }
+ )
+ }
+
+ return algorithms
+ }
+
 }
\ No newline at end of file
diff --git a/ui/BankingAndroidApp/src/main/java/net/dankito/banking/ui/android/security/SecurityProviderServiceType.kt b/ui/BankingAndroidApp/src/main/java/net/dankito/banking/ui/android/security/SecurityProviderServiceType.kt
new file mode 100644
index 00000000..34c75a7d
--- /dev/null
+++ b/ui/BankingAndroidApp/src/main/java/net/dankito/banking/ui/android/security/SecurityProviderServiceType.kt
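Review bot: `findBestMatchingAlgorithm` never uses its `nameStartsWith` parameter: the lookup is hard-coded as `listServiceTypeAlgorithmsWithName(type, "PBKDF2")`, so the `"PBE"` fallback in `findBestPbeAlgorithm` just repeats the same query; the line should read `val supportedAlgorithms = listServiceTypeAlgorithmsWithName(type, nameStartsWith)`. The fallback `supportedAlgorithms.maxBy { it.length }` ranks candidates by name length, which says nothing about their strength, and once the prefix is honoured a `PBE…` match could be a legacy password-based cipher scheme rather than PBKDF2 with a modern HMAC. For the key protecting banking data I would drop the length heuristic and fall back only through an explicit ordered allow-list (for example `"PBKDF2WithHmacSHA256"` then `"PBKDF2WithHmacSHA1"`), returning null when none is present so the caller can fail visibly.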
@@ -0,0 +1,44 @@
+package net.dankito.banking.ui.android.security
+
+
+enum class SecurityProviderServiceType(val type: String) {
+
+ AlgorithmParameterGenerator("AlgorithmParameterGenerator"),
+
+ AlgorithmParameters("AlgorithmParameters"),
+
+ CertPathBuilder("CertPathBuilder"),
+
+ CertPathValidator("CertPathValidator"),
+
+ CertStore("CertStore"),
+
+ CertificateFactory("CertificateFactory"),
+
+ Cipher("Cipher"),
+
+ KeyAgreement("KeyAgreement"),
+
+ KeyFactory("KeyFactory"),
+
+ KeyGenerator("KeyGenerator"),
+
+ KeyManagerFactory("KeyManagerFactory"),
+
+ KeyPairGenerator("KeyPairGenerator"),
+
+ KeyStore("KeyStore"),
+
+ Mac("Mac"),
+
+ MessageDigest("MessageDigest"),
+
+ SSLContext("SSLContext"),
+
+ SecretKeyFactory("SecretKeyFactory"),
+
+ SecureRandom("SecureRandom"),
+
+ Signature("Signature"),
+
+}
\ No newline at end of file