How safe are the generated passwords in clipboard?

#1

Hi,

First, I really want to thank all the contributors (special mention for luckyrat) of KeePass, KeePassRPC and Kee, because all these tools are amazing and bring a lot of serenity when I surf the Web. So a big thank you for this giant work :smiley:

About my question:

Thanks to KeePassRPC, Kee can communicate safely with KeePass to fill forms without using the clipboard or typing. But when I want to modify a password, I ask Kee to get a generated password from KeePass. This new password is stored in the clipboard so that we can paste it everywhere it should be on the website in order to validate the modification.

I wonder how safe it is. Kee's communication through KeePassRPC is very safe, so that generic malware cannot sniff it (by "generic" I mean malware that is not specialized in cracking KeePass and its plugins). But during the period when the generated password is stored in the clipboard, a generic trojan could save the clipboard state and get the new password.

I could be wrong: maybe you implement some obfuscation, but I think this point is worth mentioning in the documentation (I did not find enough details about this issue anywhere). So what happens precisely when I ask for a generated password from Kee?

By the way, changing a password using Kee can be tricky, but I found a great procedure that I want to share because I have never seen it before:

  • On the form for password modification, use Kee to fill in the old password
  • Generate a new password with Kee and paste it everywhere it should be
  • Log out of the website once the change is validated
  • Log in by using Kee's login proposition and paste the password once again (Kee's one is the wrong, old one)
  • Now you can use "save latest password" to update the KeePass entry

With this procedure, you avoid Kee learning bad forms that are only present during password modification.

Thank you in advance for the clarification,

Cheers,


#2

The clipboard is used to store the new password and there is no obfuscation or protection against clipboard loggers.

I think that we are past the point in computer security where clipboard loggers are a noteworthy threat - there are so many more advanced threats now that are at least as easy for an attacker to utilise. I would argue that if you are concerned that there may be a clipboard logger installed on your machine, you should actually be more concerned about a complete compromise of all data that is accessed on that machine. If you disagree and wish to treat the clipboard as a special location that is at higher risk of compromise than the rest of your system, you could use the password generator in KeePass itself and choose a different way to transfer the newly generated password into the web forms.

I typically use the password updating process that you have listed. The only thing to watch out for is the small risk that the new password disappears before you can update your KeePass entry (e.g. if you or some other application writes to the clipboard or your machine crashes or loses power).


#3

Hi,

Thank you for the clarification :+1:

I agree that if a clipboard logger is running on your computer, then it should not be the only malware running.

What surprises me is that, on the one hand, KeePassRPC allows safe local communication between the programs to prevent running generic malware from getting everything from KeePass's database, and on the other hand Kee uses the clipboard for generated passwords, which is a vulnerability against generic software like a clipboard logger. Of course, you generally use passwords every day (which is safer thanks to KeePassRPC) and you rarely change your passwords (this is the weak part), but still, I was wondering if something was planned to avoid this weakness, since everything else seems so high in security. I looked at password managers only recently, so if you tell me that we are already at the point where everything is compromised when a clipboard logger is running, then I can only accept this little weakness.

In conclusion, I would say that if you use Kee to fill forms on a PC compromised by generic malware, KeePassRPC may prevent the passwords you use from being leaked, but if you generate a new one with Kee on the same PC, then it is leaked if there is a clipboard logger running.

And as you said, a solution to avoid that is to go back to KeePass and create/change the entry there (less practical but safer).

Yes, you have to complete the procedure before doing anything else, and with enough charge, as you pointed out!

Thank you again for your answer and your very nice work :grinning:

Best!