by throwaway7767 3900 days ago
An attacker that can read your pipes/sockets can also sniff all your keystrokes, read your clipboard and read from other processes' memory. A timer to erase the clipboard is only good to prevent accidents; a malicious program targeting your password manager will simply read the clipboard once a second and watch for changes. Local security is hard.

For a more-secure solution, consider running Qubes OS with a separate vault VM running a password manager. That way you can individually copy passwords to the VM where you want to enter it, without others getting any access to it. Of course, that's too hard for most people, so we end up running everything in the same context and then call it "secure" because we erase the clipboard after 5 seconds.