I also think that the clipboard passwords is a significant security concern.
After upgrading some of my weaker passwords, I ended up with a clipboard full of valid passwords. It seems counterintuitive to me to take all these measures to keep my vault safe while some of my passwords are floating on the clipboard.
I was wondering if there were any thoughts from the BitWarden Team.
Merry Xmas everyone!
Thanks for checking in @vc34, no updates to share at this time, but as always, we welcome community PRs should someone be interested in working on this feature.
New here, and was wondering about the clipboard security in BW after reading the security on another app (Sticky Password) that says it encrypts the password when you click it’s copy icon, and detects a Windows Paste command to confirm you want to past it. And, I assume it decrypts it before the paste.
Is this still an issue in BW?? If Sticky Password leaves an encrypted password in the clipboard history, I guess that’s probably ok. But I don’t understand why you cannot delete an item in the Windows Clipboard history, when I can even do that manually…
Is there still no fix to Samsung’s clipboard security flaw?
I’m new here. Spent more time than I like already searching web on this issue.
In my device (s21) BW is set to clear passwords after 20 seconds. This fails. Samsung keyboard keeps everything unless I manually select “delete”, or “delete all.”
Forgive me if this has been clearly answered elsewhere.
Thanks!
I had just asked the developer of Unclutter (which I’ve used for years) about this issue. The relevant part reads “…if the extension doesn’t provide these special flags, Unclutter will not recognize this data as sensitive.”
WHY doesn’t BW provide whatever these flags are? The whole point of BW is to protect passwords, so if it CAN use a flag to indicate to clipboard apps not to show passwords then it obviously SHOULD. I’m not getting the issue.
Absolutely, your message is clear and concise. It addresses the issue at hand and offers a potential solution. Here’s the final version:
Hey everyone,
Just wanted to chime in on this clipboard history issue. I’ve noticed the same thing - passwords going to clipboard managers that support “ignoring sensitive content”. This is definitely a bit concerning, and it’s happening both in the web extension and desktop here on my Mac.
Also, I use BetterTouchTool which can hide passwords from clipboard history. It would be awesome if Bitwarden could flag it as sensitive or something similar.
Just throwing my two cents in. Hoping we can find a way to make our passwords even safer!