[zorked]

I have heard the argument that regular users often believe that copying and pasting passwords makes them immune to keylogging, so allowing that will cause some of them to keep a copy of their password on a plaintext file on their desktop where otherwise they would just type from memory.

Not sure if that's what banks are thinking about.

[hazz99]

Probably a dumb question, but doesn't copying & pasting protect against keylogging? The only key events being sent is CTRL+C and CTRL+V (or the mouse equivalent), and not the password keys themselves.

Obviously this is an extremely bad way to "protect" yourself (since you keep your password in plaintext on your PC), but it does protect against keylogging, right?

[TheCoelacanth]

Maybe keylogging in the strictly literal sense, but I think most software "keyloggers" log the clipboard too. I suppose it would protect you from a physical keylogger.

[user5994461]

To clarify, it is not a maybe, keyloggers definitely monitor the clipboard. It's one of the most basic features of a key logger.

Another basic features is logging the active window/process to know where the user is currently writing to.

[bluGill]

Correct, it does foil key logging. However in general installing a key logging is harder to pull off than just copying all files from the machine in question. Of course it depends on which known unpatched security hole exists on the system at the time. However in general a program is more likely to be able to read arbitrary files.