To all of you who stopped worrying thanks to a clipboard manager, how do you handle sensitive contents in your clipboard?
For example, I routinely copy-paste my passwords from KeePass, and I have disabled all clipboard management to avoid copies of my passwords lingering around.
I see this happening also with the default clipboard manager in Windows and 1Password: copied passwords do not show up in the clipboard menu (downside: they are not pastable in VMs either).
> default clipboard manager in Windows and 1Password: copied passwords do not show up in the clipboard menu
Mmm, the Windows clipboard does save the password that I copied from KeePass; it will be in the menu. However, KeePass has an option to clear the last entry in the clipboard, which is set to 10 seconds to let the password persist in the clipboard, and then KeePass will overwrite/remove the last entry after the time is up. Very useful imo.
Good point, wondering the same thing. I'm considering starting to use a password manager, but my biggest concern is that malware can capture the passwords by listening to the clipboard. The model in my head on Windows, from programming with the Win32 API two decades ago, is that any application can read clipboard contents as often as it wants to. Assuming the malware does that in a tight loop, how can password managers be secure at all? I imagine the X Window System is no better in this respect. Has anyone given this any thought? Are my concerns unfounded?
Your concerns aren't unfounded, but they're a bit misplaced. Password managers aren't intended to protect you from a local attacker on your machine, like the malware you described. It is trivial to capture clipboard contents, as you say, but it's also similarly easy to keylog, so your passwords would be exposed either way. If you consider your computer compromised or antagonistic like this, don't use it for anything sensitive.
Password managers are mostly intended to help facilitate unique passwords per account, to avoid password re-use, which prevents credential stuffing. That is, if an attacker gets hold of your password from one website, they can't use it to log in everywhere.
Back to your concern, there isn't a solution for Windows in this space at the moment. Malware that's alive in your user context (or Satya forbid, SYSTEM) can do quite a bit thanks to Win32 APIs.
I solved this problem by using Qubes OS, with isolated VMs for everything and inter-VM secure text copy. The passwords are stored in plain text in an offline VM, no password manager is necessary (but you still can use it if you like).
This is still a concern. I do malware analysis for a living, and most Windows malware these days that steals clipboard data simply hooks the Windows APIs and grabs a copy of everything in there.
Thanks. What would be your recommendation regarding password managers? Does using a password manager's browser extension (assuming it has one) help here or does that also use clipboard? I guess I'm damned either way because I'm gradually migrating to using generated passwords which I copy via clipboard anyway.
If I'm not wrong, you can configure KeePassXC to only store credentials in the clipboard for a selected timespan (like 5, 10 or 30 sec). You can also eliminate it entirely, IIRC, by using the autotype feature when entering credentials.
You can, but AFAIK the way it does that is by overwriting the clipboard with null data. If you have a clipboard manager, it may save your credentials before they are overwritten so that they can be retrieved later, and in this case that is not something you want. Some clipboard managers can be clever and detect a null overwrite and interpret it as a request not to save the overwritten content.
Autotype does not suffer from this problem and is generally considered safer. Some password managers have an even safer "mixed" mode where part of the password is in the clipboard and another part is auto-typed, meaning you have to monitor both the keyboard and the clipboard to grab the password.
At least one possible fix would be a clipboard management standard such that an application can both set and clear or overwrite a specific clipboard entry's data.
(I'd prefer the clear/overwrite myself.)
Another option would be specific IPC such that clipped content is available to one and only one other application or process. There was a recent HN submission on the Unix password manager utility "pass", including the ability to supply passwords to a command via shell expansion rather than as a command-line parameter. The former doesn't reveal the password in either process listings or shell history, the latter does.
That's a relatively primitive option, a more robust standard might also be provided.
I'm using Raycast on macOS. When I copy a password using 1Password, the copied text does not end up in Raycast's clipboard history. It might be possible that other password and clipboard managers do the same.
Try it. I was initially worried about this. Turns out with KeePassXC and Klipper it Just Works™ and fields copied (via keyboard shortcut) somehow don't get stored in the clipboard history at all.
Yes, KeePassXC actually has a little UI element in the lower right of the window that shows when it will clear a copied password out of the clipboard history.
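For the two observations above (the timed clear after copying, and copied passwords not showing up in the clipboard history), here is an added example of how that is done on Windows. It is not code from the thread, from KeePass or from KeePassXC: Windows 10 1809 and later document three registered clipboard formats (CanIncludeInClipboardHistory, CanUploadToCloudClipboard, ExcludeClipboardContentFromMonitorProcessing) that the built-in history (Win+V) and cloud clipboard honour, and Set-Clipboard cannot set them, so the script goes through the Win32 clipboard API directly. The function and variable names are my own, the secret string is a constructed sample, and the 10-second default mirrors the KeePass setting mentioned earlier.

```powershell
# Added example, not from the thread or from KeePass/KeePassXC.
# Puts a secret on the Windows clipboard with the documented opt-out formats set,
# then empties the clipboard after a timeout. Requires Windows 10 1809 or later
# for the opt-out formats to have any effect.
Add-Type -Namespace Clip -Name Native -MemberDefinition @'
[DllImport("user32.dll", SetLastError = true)]
public static extern bool OpenClipboard(IntPtr hWndNewOwner);
[DllImport("user32.dll", SetLastError = true)]
public static extern bool CloseClipboard();
[DllImport("user32.dll", SetLastError = true)]
public static extern bool EmptyClipboard();
[DllImport("user32.dll", SetLastError = true)]
public static extern IntPtr SetClipboardData(uint uFormat, IntPtr hMem);
[DllImport("user32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint RegisterClipboardFormat(string lpszFormat);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern IntPtr GlobalAlloc(uint uFlags, UIntPtr dwBytes);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern IntPtr GlobalLock(IntPtr hMem);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool GlobalUnlock(IntPtr hMem);
'@

$CF_UNICODETEXT = 13       # standard clipboard format for UTF-16 text
$GMEM_MOVEABLE  = 0x0002   # SetClipboardData requires a moveable global block

# Copy a byte array into a moveable global block. On a successful
# SetClipboardData call the clipboard takes ownership, so it is never freed here.
function New-ClipboardBlock([byte[]]$Bytes) {
    $h = [Clip.Native]::GlobalAlloc($GMEM_MOVEABLE, [UIntPtr]::new([uint64]$Bytes.Length))
    if ($h -eq [IntPtr]::Zero) { throw 'GlobalAlloc failed' }
    $p = [Clip.Native]::GlobalLock($h)
    [System.Runtime.InteropServices.Marshal]::Copy($Bytes, 0, $p, $Bytes.Length)
    [void][Clip.Native]::GlobalUnlock($h)
    return $h
}

# Set-SecretClipboard (name is mine): copy $Secret with the history/cloud opt-outs,
# wait, then empty the clipboard. For the two Can* formats a DWORD payload of 0
# means "do not include"; for ExcludeClipboardContentFromMonitorProcessing the
# presence of the format itself is the signal.
function Set-SecretClipboard {
    param([Parameter(Mandatory)][string]$Secret, [int]$ClearAfterSeconds = 10)

    $cfHistory = [Clip.Native]::RegisterClipboardFormat('CanIncludeInClipboardHistory')
    $cfCloud   = [Clip.Native]::RegisterClipboardFormat('CanUploadToCloudClipboard')
    $cfExclude = [Clip.Native]::RegisterClipboardFormat('ExcludeClipboardContentFromMonitorProcessing')
    $dwordZero = [byte[]](0, 0, 0, 0)

    if (-not [Clip.Native]::OpenClipboard([IntPtr]::Zero)) { throw 'OpenClipboard failed' }
    try {
        [void][Clip.Native]::EmptyClipboard()
        $text = [System.Text.Encoding]::Unicode.GetBytes($Secret + "`0")   # NUL-terminated UTF-16
        [void][Clip.Native]::SetClipboardData($CF_UNICODETEXT, (New-ClipboardBlock $text))
        [void][Clip.Native]::SetClipboardData($cfHistory, (New-ClipboardBlock $dwordZero))
        [void][Clip.Native]::SetClipboardData($cfCloud,   (New-ClipboardBlock $dwordZero))
        [void][Clip.Native]::SetClipboardData($cfExclude, (New-ClipboardBlock $dwordZero))
    } finally {
        [void][Clip.Native]::CloseClipboard()
    }

    # Timed clear: EmptyClipboard drops every format, so nothing is left behind.
    Start-Sleep -Seconds $ClearAfterSeconds
    if ([Clip.Native]::OpenClipboard([IntPtr]::Zero)) {
        try { [void][Clip.Native]::EmptyClipboard() } finally { [void][Clip.Native]::CloseClipboard() }
    }
}

# Constructed sample secret; paste it somewhere within 10 seconds, then press Win+V
# and note that the entry never appeared in the history.
Set-SecretClipboard -Secret 'correct horse battery staple' -ClearAfterSeconds 10
```

Two caveats worth keeping in mind when reading the rest of the thread. First, these formats are a cooperative convention: the built-in history and well-behaved clipboard managers skip the entry, but any process in the same session can still call Get-Clipboard (or the underlying GetClipboardData) during the 10-second window, and a hooked API or a polling loop has already captured the text before the clear runs. Second, the same convention exists on the other desktops: 1Password marks the macOS pasteboard item with the org.nspasteboard.ConcealedType type, and KeePassXC sets the x-kde-passwordManagerHint MIME type on Linux, which is what makes Raycast and Klipper leave those entries out of their history.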
Blacklisting Bitwarden in the clipboard manager. If I copied from another app, it's four extra keystrokes to paste and delete: Cmd+V -> Cmd+Shift+V -> Cmd+Delete -> Esc.
I try and copy the password only so that on the very odd chance someone combs through my clipboard history they still wouldn’t know what site or username it matches. I tend to use unique/generated usernames or emails as much as I can so that I’m not “1337wiz” on every website I have an account on.
I seem to have drifted to the exact opposite: no clipboard manager, and when I want to cut/copy something and have it persist for longer, I just paste it in a notepad application.
I copy/paste passwords much more often than I require multiple clipboard entries alive together.
At least one KeePass implementation has the option to clear the clipboard after a few seconds. Haven't been at my Windows PC for months, can't remember details. No idea how that would work with clipboard managers, though.