Quote:
Originally Posted by ubeticall
Doesn't Keepass copy the password into your clipboard? What's the point of the program then?
Because briefly copying a password on to your clipboard is a minor security risk compared to the alternatives (using the same or similar passwords for more than one account). Also, if you have that little trust about what software is running on your machine, then keepass has various additional features such autotype (passwords never go to the clipboard but sent directly thru keyboard strokes); 2-key protection when using the clipboard (basic snooping fails).
(this below is going a bit off-topic - OP this isn't directed to you at all)
I've said this many times before and i'll say it again until someone proves me wrong:
i have never seen a report of someone ever finding a 'keylogger' on their machine after an account is hacked. Certainly it's good to make sure you dont download dodgy files, run a good virus checker etc, saying "what's the point of keypass?
" because it may briefly put a password in your clipboard if you use a specific feature is silly. The main point of keepass is that you can
easily store hundreds of strong random alpha-numeric passwords safely and securely.. You can then choose to retrieve the password however you want (clipboard, autotype, manually typing it in). That doesn't pose an additional security risk.
There are so many things people don't do correct that advising users not to use keepass is horrid advice. A lot of people:
- Use one password over multiple accounts (kp solves this)
- Dont change their passwords frequently (kp has expiry)
- Dont use strong enough passwords (kp creates strong rando passwords)
- Write down their passwords somewhere insecure to remember them (kp encypts teh password database)
- Use the same email address for the poker accounts as their personal one (with kp, having multiple email addresses with different credentials is a breeze).
- Trust their personal machine too much so store login credentials to their emails and accounts with cookies, and check the "store my password" feature in poker clients (with kp this isn't neccessary).
etc.
Bottom line - KP is the nuts and advising people otherwise is bad.