Is the Windows Clipboard Function, History or Sync Secure?
Taking a look at what really happens to my data when it's cut, copied and pasted.
So, just the other day I had a syncing issue with my Dashlane (password manager) account. Not a problem. I'm signed into the browser extention so I just copied my password and pasted into the sign-in. Solved. The only problem is, every time I hit Ctrl-C I punch a huge hole in my secure workflow. My clipboard data is exposed to every service and every network I'm connected to. It's only when I came around to writing this article I realise how serious the problem is. Let's take a look at what's happening.
Cut/Copy-Paste has been burned into our muscle memory for the last 5 decades, you and I couldn't live without it. But the truth is that neither Microsoft, Apple or anyone else has made any attempt to silo that cut/copied data so that it can't be compromised: leaked or extracted. Usually we copy benign information, but the amount of times I have personal information or credentials on the clipboard and let my laptop sleep for a few days is alarming.
Is my Clipboard Data Secure?
Nope.
Every piece of data cut or copied is stored in memory awaiting the next command (paste or cut/copy again) and there are many different ways this idle data can be compromised or stolen. Let's consider some examples:
- The data is not hidden
The first thing to remember is that the clipboard stores data in "plain text", that is: the data is not encrypted or obscured in any way. Meaning anyone (or any malicious application or script) can read it just as easily as you're reading this article right now. - Clipboard data stays in the memory
Your computer does not "forget" what you cut/copied and - in most cases - only clears the clipboard data after the machine is restarted. As well as anyone else using your computer, other apps and processes you may not be aware of will have access to it. Including any malware: keyloggers, trojan horses, ransomware, you name it. - Data can be accessed from everywhere
Clipboard data is made available to almost every process and application running on your computer, otherwise it wouldn't be so useful right? This leaves the opportunity open for any malicious process to copy out your data very easily. - Open network threats
In theory it is also possible for any website you visit, by way of a malicious script, to access your clipboard data in the background.
Can't I Just Clear the Clipboard?
Sure. Overwriting the clipboard data would seem to be as simple as copying something else over it, like some other non-sensitive information, but this will not always fix the security problem. As well as some applications having the ability to retain old copy/cut data, you can't guarantee that you will remember to clear it every time.
Windows Clipboard History
On Windows, you've been able to copy and paste text and images forever, but it's been an experience somewhat limited that only supported copying one piece of content at a time and no way to view what data you currently have on the clipboard.
To overcome these limitations, Microsoft introduced a new Clipboard History feature that tracks the last 25 text and images that you copy or cut. Also, you can finally view and paste content directly from the clipboard history, and even pin items that you copy and paste more frequently.
In addition, leveraging the same cloud technology used to sync your OneDrive content, you can now 'Sync accross devices' your clipboard. In other words, you can access your clipboard on all your devices. All via the magic of Microsoft servers.
A very useful feature. But hold on a second, what about security?
An example clipboard history. Ouch!
Understand the risks.
If you choose to enable clipboard history or Sync, make sure that you also understand the potential security risks. For example, anything you copy to the clipboard will be stored in plain text. In other words, anyone with access to your computer will now be able to see your clipboard history by using the Windows key + V shortcut. In addition, if you enable the sync option, you'll also be uploading your history to the Microsoft servers.
Clipboard history can present bigger problems than password and credentials theft. There are many types of malware, that can be triggered by a website you visit or a download, that easily access your clipboard history. Some scripts even sit silently in the background waiting for and logging cut/copy events themselves without you being made aware.
One final though from a GhostVolt user:
This is just yet another place an malicious person can exploit to get stuff from you... they could get passwords, usernames, phrases of whatever nature, images, probably even FILES depending on how the code itself is implemented... I'll be making sure this feature is disabled in every way possible
Clipboard history is super usefull, what should I use?
You're going to want to store your most common copied phrases in a secure App which automatically clears the clipboard and blocks your copied text from landing in the clipboard history. Something like GhostVolt Secure notes works perfectly.
Some tips to keep your clipboard data secure
- As always, make sure your computer is up to date and do not share your Windows account with anyone.
- Do not copy any sensitive or personal information to the clipboard (passwords, names, bank details etc). If you must, be sure to clear the clipboard straight away.
- Unless you really need it, turn Windows clipboard history and sync off.
- Just like using a password manager to manage your password, use a secure App to manage your pasting phrases. Something like GhostVolt is perfect.
GhostVolt gives you full control over your clipboard data