Clear clipboard should be ON by default

Clear clipboard option should be made “on” by default with an appropriate timeout duration.

Recently when i setup bitwarden on my new mobile (Android) device , i noticed that i was accidently pasting the passwords i had copied earlier on some other websites or apps.
It took multiple instances of this accident , to make me realise that that the clipboard wasn’t being cleared automatically by bitwarden , which i had thought was on by default.
I think this could possibly happen with any user who is setting up bitwarden on a new device and may not instantly jump into all the settings that he/she might find necessary.

Therefore as a solution to prevent any accidental leakages i believe the “Clear clipboard” option should be left “ON” by default with maybe 20 or 30 s timeout.
An alternate solution would be to prompt the user about the important toggles that he wants to keep on/off at a startup screen on installation of bitwarden on that device.

+1 here, security by default is the way to go!

If people want to disable something to be less secure then sure give the user a choice, but Signal does this by enabling E2EE by default for all communications.

Many users don’t ever change defaults so considering a more secure option by default is a great idea. :smiley:

1 Like

Yeah, this is one of the two things i found out about bitwarden today that i didn’t expect, the other one is autofill for desktop app. After using keepass for many years, i was caught unguarded these two are not built-in from day one.

1 Like