Could you explain a bit? I see main issue with Signal (though I’m not an expert, and they’re not strictly related to security): it’s centralized (and the server isn’t even open-source).

The question is also a lot about your threat model right?

It’s not that important I think, using a strong password different from all other websites is much more important.

Could the strange hyphenation be due to the influence of their mother tongue? I don’t know if there is any language that does it like that, but it seems plausible.