"One shot" or expirating copy paste

[hal_sk]

Hello,
Is there such a tool, that would allow me to paste copied value only once or for short amount of time?
For example: I copy the password, paste it to SSH prompt, then forget about it and accidentally paste it once again but this time into Google search. It actually happens sometimes to me. Since, I have developed obsessive habit to copy random string after finished pasting sensitive string.
It would be nice to have an option to use special keyboard shortcut for this, like for example ctrl+alt+c

 

[f33dm3bits]

With Keepass(X) if you copy paste a password from there it is for a limited amount of time. I'm guessing you are talking about a clipboard manager, I'm pretty sure there should be one of those that has that feature. Have you tried one of the many clipboard managers?

Ctrl+C Ctrl+V Made Better With Clipboard Managers in Linux

Save yourself time and frustration with a clipboard manager and never lose track of your copy-pasting.

itsfoss.com

10 Free and Open Source Clipboard Managers for Linux

Clipboard Manager is a utility that runs in the background of your Linux system and keeps a history of everything that you have saved to your system clipboard.

www.tecmint.com

 

[CaffeineAddict]

I copy the password, paste it to SSH prompt, then forget about it and accidentally paste it once again but this time into Google search. It actually happens sometimes to me.

This happened to me several times and I'm not sure if I spotted it always.

I use password safe because it doesn't use clipboard to type passwords and it auto locks after time of inactivity.
clipboards are evil because every program can read them including your web browser.

There is even an option in almost every modern web browser which lets websites read your clipboard, so having your password in clipboard is always bad.

 

[hal_sk]

Have you tried one of the many clipboard managers?

Never heard of them and will look into that.

so having your password in clipboard is always bad.

Do clipboard managers solve that?

 

[CaffeineAddict]

Do clipboard managers solve that?

I don't think they do, password managers likely use existing clipboard instead of creating their own.
Likely password managers don't change access behavior to clipboard, only the ways to how it's displayed to user plus some extra functionalities.

 

[f33dm3bits]

Likely password managers don't change access behavior to clipboard, only the ways to how it's displayed to user plus some extra functionalities.

I know keepass(X) puts a timeout on how long your copies password is saved to your copy. I don't use a clipboard manager but I've tested out a few and from what I remember you can configure them to expire or set them to a private setting.

 

[CaffeineAddict]

I know keepass(X) puts a timeout on how long your copies password is saved to your copy. I don't use a clipboard manager but I've tested out a few and from what I remember you can configure them to expire or set them to a private setting.

Problem is that password must not get into clipboard not even for a second.

Your password manager must handle passwords without using clipboard at all otherwise it's not good password manager.
Password Safe never uses clipboard, it auto-types passwords from it's encrypted database directly into login form.
edit:
But you can force it to use clipboard if you want at your own risk.

 

[f33dm3bits]

Problem is that password must not get into clipboard not even for a second.

https://www.perplexity.ai/search/are-there-password-managers-th-dmBBscx.RxaBoXkGfGGC3g

 

[CaffeineAddict]

https://www.perplexity.ai/search/are-there-password-managers-th-dmBBscx.RxaBoXkGfGGC3g

Sorry I can't see your answer because of NoScript but I asked: "Is it safe for password to get into clipboard?"

No, it is generally not considered safe for passwords to be stored in the clipboard, even temporarily. Here are the key reasons why:

The clipboard contents can be accessed by any running process on the system, including malware

. If malware is present, it can easily steal passwords from the clipboard.
Some clipboard managers and extensions have vulnerabilities that allow clipboard data to be accessed or stored persistently, even after the app that put it there has closed
. This includes the clipboard sync feature on Samsung devices
.
Websites can sometimes read the contents of the clipboard, either through exploits or by tricking the user into pasting something
. This could potentially expose a password.
If the clipboard is used to transfer a password between applications, it remains in the clipboard after the password is pasted, until it is manually cleared or the system reboots

.

The safest practice is to avoid putting passwords in the clipboard at all if possible. Password managers should use secure methods like auto-fill or secure copy/paste that don't involve the clipboard. If the clipboard must be used, it should be cleared immediately after pasting. But in general, the clipboard should be considered an insecure location for sensitive data like passwords.

 

[f33dm3bits]

Sorry I can't see your answer because of NoScript but I asked: "Is it safe for password to get into clipboard?"

Based on the search results, there are several password managers and techniques that can help control the clipboard and enhance security when copying passwords on Linux:

1. KeePassXC offers features to manage clipboard security:

• It can automatically clear the clipboard after a few seconds when copying passwords
• It has an Auto-Type feature that can enter credentials directly into login fields without using the clipboard

1. CopyQ is a clipboard manager that has an option to prevent storage of passwords copied from specific apps like KeePass

• The "pass" command-line password manager encrypts passwords with GPG and allows full control over password management

1. While it doesn't specifically mention clipboard control, it keeps passwords encrypted.
2. Some general recommendations:

• Use password manager browser extensions to autofill credentials without copying to the clipboard
• Configure clipboard managers to ignore or exclude password manager applications
• Use password managers that clear the clipboard automatically after a short time

1. It's worth noting that modern web browsers generally prevent websites from reading clipboard contents without user permission, reducing some risks of clipboard snooping

While the clipboard isn't inherently unsafe, these methods can add extra layers of security by minimizing the time sensitive data spends in the clipboard or avoiding it altogether. The most secure options appear to be using Auto-Type features or browser extensions that don't rely on the clipboard at all.

 

[CaffeineAddict]

The most secure options appear to be using Auto-Type features or browser extensions that don't rely on the clipboard at all.

This is the only way to go if you ask me.
I would never entrust clipboard to store anything sensitive no matter how confident I am about my system being clean.

 

[atanere]

The Password Safe Quick Start Guide gives instruction for the clipboard and makes no mention of auto-type. So they seem confident in that usage.

Keepass also has auto-type, but they acknowledge that it is vulnerable to keyloggers unless you take special precautions. I would guess that PSafe also has this risk.

I like both of those password managers, but neither are perfect (because nothing is). I've never used a clipboard manager, but I think they would offer a solution too.

It would be nice to have an option to use special keyboard shortcut for this, like for example ctrl+alt+c

The command xsel -bc will clear the clipboard. That could easily be made into a script to execute with ctrl-alt-c or any other unused keyboard shortcut combo. Depending on your distro, you may have to install xsel.

 

[CaffeineAddict]

The Password Safe Quick Start Guide gives instruction for the clipboard and makes no mention of auto-type. So they seem confident in that usage.

Interesting, this must have been written by someone who knows nothing about password safe, the default behavior of password safe is however to not use clipboard. but you can force it if you want.

According to screenshots it's written somewhere in Windows 7 era.

 

[atanere]

That's their site, their instructions. I'm not sure what you mean. The only "default" is what actions the user takes. Their quick start says to copy/paste with clipboard.

 

[CaffeineAddict]

The only "default" is what actions the user takes. Their quick start says to copy/paste with clipboard.

The default is what's default if you don't change settings.
I've edited my previous post in the mean time, according to screenshots this quick start was written somewhere in Windows 7 era. it's possible back them clipboard was the default.

 

[atanere]

I've used PSafe before, but not in quite awhile. I'll give it another go to maybe understand better how/why auto-type is the "default" way to use it. I don't remember that being the case.

Another weird thing on their Quick Start page: they have a program screen cap showing version 3.06 -- but GitHub says version 1.19.1 is current. Beats me!

 

[CaffeineAddict]

how/why auto-type is the "default" way to use it.

Auto-type is not really default because you have to invoke auto-type yourself.
Another way is to double click which copies passowrd to clipboard but in this case you're warned about it, so we can say auto-type is default on how pswafe should be used.

they have a program screen cap showing version 3.06 -- but GitHub says version 1.19.1 is current. Beats me!

Windows version is different from linux version.
3.x is windows branch while. 1.x is linux branch.

 

[atanere]

Auto-type is not really default because you have to invoke auto-type yourself.

The only "default" is what actions the user takes.

So we agree after all?

 

[CaffeineAddict]

So we agree after all?

The well known rules applies, a user is free to use the software or damage their system or security however they desire
I have configured my pswafe so that in addition to default the best practice is in effect, but how somebody else will make use of it IDK, it's their choice.

 

[atanere]

If you have a keylogger stealing your auto-type, you've already been hacked.
If passwords in your clipboard are compromised, you've already been hacked.

It's not much difference to me. Both password managers are good, both use the clipboard, both use auto-type. As you said:

a user is free to use the software or damage their system or security however they desire

People can even use other password managers to store their password vault in the cloud, if "sync" is an important feature to them. For many people, it is. We each have our own balance between security and convenience. We have choice... always a good thing.