|
Cornelius Henning wrote: Also typing a password exposes you to keyloggers
And using clipboard exposes you to malware that reads the clipboard. Every program can access it at any time. So the advantage of using a password manager is that you can create an unique password for everything and don't have to remember them all.
If you have malware running on your machine there is nothing that can truly prevent it from intercepting a password.
|
|
|
|
|
RyanDev wrote: Wasn't that a feature?
Miss the joke icon?
The only insecure thing I can think of with pasting is that the password stays on the clipboard until I replace it.
Copy/Pasting from my password app enables the use of complicated and far more secure passwords than if I had to type them in manually.
"Go forth into the source" - Neal Morse
|
|
|
|
|
kmoorevs wrote: Miss the joke icon? Unfortunately no. I've seen applications do it.
There are two kinds of people in the world: those who can extrapolate from incomplete data.
There are only 10 types of people in the world, those who understand binary and those who don't.
|
|
|
|
|
Clipboard hooks.
Simple solution, open your app in a separate desktop with limited rights.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
.... or use something like KeePass, which only leaves the password on the clipboard for a few seconds.
Software rusts. Simon Stephenson, ca 1994. So does this signature. me, 2012
|
|
|
|
|
..on a separate desktop as I described; otherwise any clipboard-hook will have the contents as soon as the clipboard changes.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Can you elaborate a little, please. What do you mean by "separate desktop"?
Get me coffee and no one gets hurt!
|
|
|
|
|
A new desktop object in which you can open Windows. See CreateDesktop function (MSDN)[^].
--edit
The login-screen is an example of another desktop than the one that you are using normally. Access to that desktop is limited, even if you are running a background application on yours
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Thanks!
Get me coffee and no one gets hurt!
|
|
|
|
|
You're welcome
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Well ^this did come to mind
A bunch of guys arguing about copy and paste security on an operating system that sends all your stuff up to Microsoft anyway
Now is it bad enough that you let somebody else kick your butts without you trying to do it to each other? Now if we're all talking about the same man, and I think we are... it appears he's got a rather growing collection of our bikes.
modified 31-Aug-21 21:01pm.
|
|
|
|
|
Install a proxy and you can see (and modify) what is being sent; also, the keylogger was not included until Win10.
One does not argue about something that can be verified, that's a waste of time
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Cornelius Henning wrote: very latest version
Not quite.
Cornelius Henning wrote: This installs as version 170513-2252.
The Insider Update I have in a VM currently reports as 170603-1840.
|
|
|
|
|
Quote: The Insider Update I have in a VM currently reports as 170603-1840. Yes, you're right. I corrected my mistake.
Get me coffee and no one gets hurt!
|
|
|
|
|
They're coming out so fast at times it's hard to keep up to date. I've certainly never made any attempting at tracking them all. I just let it install whatever it wants in my VM.
|
|
|
|
|
Examples (#'s have been removed):
P O BOX
P.O. BOX
PMB
PO B0X
PO BO X
PO BOK
PO BOS
BOX
The one with the 'K' is interesting. 'K' is on the opposite side of the keyboard -- I can understand the 'S'.
The hardest part about parsing crap like this (there are 166,333 records) is determining what other variants I did not parse correctly (for example, considered as a street address, not a PO Box), not which ones I successfully accounted for.
Marc
Latest Article - Create a Dockerized Python Fiddle Web App
Learning to code with python is like learning to swim with those little arm floaties. It gives you undeserved confidence and will eventually drown you. - DangerBunny
Artificial intelligence is the only remedy for natural stupidity. - CDP1802
|
|
|
|
|
Could have been a manager studying his PMBOK.
|
|
|
|
|
Jeremy Falcon
|
|
|
|
|
You really need to parse addresses ?If you start doing that, there will always be outliers that you will miss.
I'd rather be phishing!
|
|
|
|
|
Maximilien wrote: If you start doing that, there will always be outliers that you will miss. Software development is a constant war with the universe... Developers trying to do better idiot-proof software and the universe trying to do even dumber users...
So far the universe is winning
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
Nelek wrote: Software development is a constant war with the universe... Developers trying to do better idiot-proof software and the universe trying to do even dumber users...
You made my day with this phrase!
|
|
|
|
|
You are welcome
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
The universe will always win.
|
|
|
|
|
Fully agree! This is mission impossible. How can one know that "BOS" should be "BOX" and not "BOSS" or "BOSSA NOVA"? Keep it simple and no risk, no fun!
|
|
|
|
|
Maximilien wrote: You really need to parse addresses ?If you start doing that, there will always be outliers that you will miss.
Sadly yes. And outliers are acceptable as we're trying to fill in some form fields that break out address, PO Box, and Rural Routes, and if everything fails, the address just gets put into the Address1 field.
We're aiming for improvement rather than perfection.
Marc
Latest Article - Create a Dockerized Python Fiddle Web App
Learning to code with python is like learning to swim with those little arm floaties. It gives you undeserved confidence and will eventually drown you. - DangerBunny
Artificial intelligence is the only remedy for natural stupidity. - CDP1802
|
|
|
|