rhkra...@gmail.com writes: > * during copy and paste operations, the plaintext password could > remain on the C&P "stack". thus making it vulnurable: Some notes: > > (1) I've read about at least one password manager that, somehow, > deletes the plaintext password from the copy and paste "stack" after a > time delay--I didn't make a note of which one that was.
Yes, the Password Store tools do this (actively delete the content from the clipboard, after a configurable timeout). > (2) another approach could be that a password manager provides a > facility to write the password to a designated textbox […] Another common approach, similar to that, is to have a web browser plug-in which reads the same database. Thanks to WebExt support in both Chromium and Firefox, we have the Browserpass <URL:https://dannyvankooten.com/chrome-extension-for-pass/> extension that allows using credentials directly from a Password Store database. > Maybe my concern about these situations is unrealistic, but I want to > consider it, so all comments are welcome. I think you should move to the above model (tools like Password Store that actively work to get the credentials out of the clipboard quickly) as an immediate improvement first, and see how well that satisfies. -- \ “Don't be afraid of missing opportunities. Behind every failure | `\ is an opportunity somebody wishes they had missed.” —Jane | _o__) Wagner, via Lily Tomlin | Ben Finney
