Yes Yes and Yes ! This is highly needed to avoid any mis-paste password.
Desktop requirement suggested
- At timer’s end :
- Check content of clipboard or salt of it (if that is something the API does)
- If Clipboard ID (or content) is from bitwarden -> replace by a random String (not to just clean it as this could be an indicator when spoofing clipboard data and not easy to diagnose if people come with a “bug” that clipboard is empty when pasting :)/ pasting do not work !)
- If clipboard ID (or content) is not from bitwarden. -> Write in debug that clipboard as been replaced.
- Customization time before clearing
- Activate or deactivate such feature - Per app / extensions
- A general master Switch in the Web App to force on or off on ALL other app/extensions (important for enterprise :))
No idea on other systems but on Windows there was the GetClipboardSequenceNumber() method that give you a Number and hat is auto-incremental. checking this is WAY MORE efficient than checking the content
Possible issue when checking content instead of Clipboard ID is that people sometimes copy-paste the same content - not ideal behavior but people do it. As the clipbaord have been replaced (even if the content is exactly the same) that should not be cleared as it falls out of Bitwarden app responsibility