• General
  • How secure is the clipboard in GrapheneOS?

How secure is the clipboard in GrapheneOS?

If I copy passwords from KeePassDX could they potentially be read by other apps?

Some of the passwords are too long and complicated to type. Is there a workaround for this?

Maybe you can link KeePassDX to a browser securely and autofill passwords? Is that safer?

You should check out Magikeyboard which can be found in KeePassDX settings. It acts as a clipboard for any input you want to enter your credential.

    Deviation
    It does not act as a clipboard, it is a virtual keyboard that enters secrets from Keypass. But the result may look similar, this is the way to go. Some browser
    (Vanadium not) support also autofill with Keypass.

    • GI1 replied to this.

      ReadOnlyUser I mean when you copy an existing password to then paste into a website.

      You need to copy to the clipboard to then paste into a website. I don’t mean when you type the password into KeePassDX to save.

      Is there a security risk to this as other apps can potentially read the clipboard?

        GI1
        Magikeyboard can type saved credentials from Keypass into anything (website, other app...). Of course you could also copy them but then the data may be grabbed from the clipboard by another app.
        To save an existing password into Kepass you have to use the regular keyboard or also the clipboard.

        Android 13 usually keeps the content of the clipboard for 1 hour. Keypass can clear it after a defined (shorter) time. You may have a look into the Form Filling menu of Keypass.

        • GI1 replied to this.

          GI1 I think it's a mixture of Keypass settings and system settings. You can take the settings menu in Keypass as a good starting point.
          If everything is configured you can select the Magickeyboard whenever the usual keyboard pops up. Just tap the world button beside the space key and select Magickeyboard. It changes back to normal keyboard when credentials are filled in.