If a value has been put in the clipboard by the desktop client (and other clients if this could apply to them) then the clipboard should be cleared when exiting. I think this should be configurable with a separate setting from the clear timer, and should default to being on if it’s possible to have that default only apply for new users. If not, I think it’d be nice to have this new setting be turned on if/when a user turns on the clear timer setting.
I set mine to clear after 10 seconds using the desktop app, but it clears a different clipboard versus the one recording the password in my KDE clipboard. KeePassXC works perfectly, however. Not only does it correctly clear the clipboard it uses, but the password never at all enters the general clipboard used by KDE. I think KeePassXC has more discerning and passionate developers than those handling BW’s desktop app. BW’s desktop app is fine, but KeePassXC is impressively executed in every respect. The audit I read also commented on the clean and clear code.
Something to do with your KDE/Linux setup? Both the app and extension clear the clipboard perfectly on MacOS and to my knowledge on Windows or most people’s Linux systems.
KeePassXC is a different thing from Bitwarden, in several respects. Importantly, Bitwarden offers greater cross-platform flexibility. If you want to operate as a booster of KeePassXC then it would be better to note the significant differences for many use cases, or to write on a KeePassXC forum.
Are you personally acquainted with the developers of Bitwarden and KeePassXC, and have qualifications to comment?
@Aerobics2600, are you assuming a long clear time? Is your desktop client not clearing? It is not apparent to me what advantage you are seeking by adding clear-on-exit, so a good use case that differentiates timed vs exit clear would help.
“Are you personally acquainted with the developers of Bitwarden and KeePassXC, and have qualifications to comment?”
Sounds like you may be looking for an argument. Have you used KeePassXC? It goes above and beyond in every way.
Not saying Bitwarden is inferior, just that KeePassXC has seen more love and care from the developers than BW’s desktop app.
If you use both this should be evident. It’s a more mature product.
I naturally examined KeePassXC when investigating the several password manager options. I saw it was (and is) functionally incapable of meeting my needs so there was no point wasting further time on it.
Yes, definitely understand. Also, I wasn’t saying KeePassXC is above and beyond Bitwarden in every way, let alone the BW desktop application, just that everything in the program is so well and carefully executed, including the clipboard function. See this post for example to see how KPXC does it:
I use both BW and KPXC. Both wonderful products. By the way, if you want to store your KPXC in a cloud account for backup purposes, you can jack up the Argon settings as high as you like while keeping your local copy more moderate. You can also store your key file away from the cloud KeePass database you’ve backed up. Also can select 1 of 3 powerful 256-bit ciphers perfectly implemented using the Botan 3.3.0 cryptographic libraries.
That’s an example of love and care. Totally unnecessary to supprt anything beyond AES-256, but KeePass does it anyway. Same as the clipboard functionality above where KPXC figured out how to avoid the standard clipboard in KDE.
KPXC also has special memory protection not afforded by the BW desktop app.
Just to give a few examples.
Ultimately if you need the extra functionality of Bitwarden, KeePass is not suitable, but it’s a really well done application for what it is, and BW devs can learn some things from it.