Keepass password saved to memory

I use Keepass 1.x on windows and KeepassX on the mac to access the same database stored in dropbox.

I noticed that when I copy a password using CTRL+C, that password stays in memory even after I close the Keepass database. I looked in the options have the feature checked to "copy data to clipboard and clear it automatically after some seconds"...and I am using 10 seconds as the time limit, but it doesn't clear the clipboard.

Can someone tell me what I'm doing wrong? I've been using Keepass for years and never noticed this security flaw (on my side). How can I fix it so that my passwords don't stay in memory so that I can't paste them using CTRL+V long after I closed my password database?

 

Most likely, because you use version 1, which does not support Trigger System like "Copy to clipboard". http://keepass.info/compare.html (the last one)

 

Switch to Keepass 2!

 

That is really weird. I'm using KeePass 1.x and the clipboard is cleared after the number of seconds I specified (10 in my case). Are you sure there is no other clipboard management app running that somehow manages to store the password?

 

I've never used a clipboard app (to my knowledge). I don't even know what I would use one for...let alone the name of one to download.

Hmmm, this problem is really bugging me and I can't find a solution.

 

Maybe switching to AutoType with 2 Channel Obfuscation (does 1.x even offer this?) would be better? I'd switch to 2.x as well, but it is an interesting bug, hope you get it figured out and let us know.

PD

 

You might drop an email to Dominik (Keepass creator), I am sure he will get back to you.

 

Ok, I figured out the issue because I was having the same problem with Lastpass. When I copy a password in Keepass, I was highlighting the password and either using the keyboard to CTRL+C or right clicking and selecting copy on the highlighted field. Apparently Keepass did not know I was actually copying something.

The solution for me is to highlight the unopened password entry and select "copy password." When I do this, it clears out of memory in the amount of time I have selected (10 seconds).

I can't believe I've used Keepass for so many years and never knew about this. I've been putting my passwords on the clipboard and just leaving them there.

 

You can also select the entry (not the password!) and press CTRL-C.

 

I looked at this thread yesterday and wondered why it wasn't working for you because it had always worked for me when I used KeePass. But I also assumed you were using the button in KeePass itself, not the generic clipboard.

FWIW, from my personal tests, when you drag and drop the user name and password using KeePass, it bypasses the clipboard. A very good thing!