https://bugs.kde.org/show_bug.cgi?id=458063
Bug ID: 458063 Summary: KDE Connect clipboard sharing syncs passwords copied from password managers Product: kdeconnect Version: 22.04.3 Platform: Fedora RPMs OS: Linux Status: REPORTED Severity: normal Priority: NOR Component: common Assignee: albertv...@gmail.com Reporter: firlaevhans.fi...@protonmail.com Target Milestone: --- SUMMARY Also see https://www.reddit.com/r/kde/comments/ws99fn/can_i_make_kde_connect_ignore_copied_passwords/ Basically, I want to keep using the clipboard sync feature of KDE Connect, but unfortunately it means that passwords copied from my password manager will also be synced to the connected devices and, unlike on the machine they were copied from, won't be automatically deleted from their clipboards after 10 seconds. This is a pretty big security issue for anyone using both a PM and a synced clipboard. If there's a way KDE Connect could know where a clipboard item came from, it would be great if one could blacklist specific sources (like my Password manager KeepassXC) from being synced to other devices. STEPS TO REPRODUCE 1. Have a connected device via KDE Connect, with clipboard sharing enabled 2. Let your password manager copy something to the clipboard 3. Check the clipboard on the connected device OBSERVED RESULT The copied content (password) is synced to all other devices. On the "host" machine, password managers like KeepassXC will usually automatically delete the copied password from the clipboard after a few seconds. Also, even within those few seconds, the password doesn't show up in the Klipper history. But on all devices that KDE Connect syncs the clipboard to, the password is permanently added to the clipboard. EXPECTED RESULT If possible, KDE Connect should be able to have a blacklist of applications whose clipboard items will not be synced. Otherwise, it might be possible to get away with only syncing the actual Klipper history and not copied items that aren't added to the history (because KeepassXC passwords aren't, but manually copied stuff would be) SOFTWARE/OS VERSIONS Operating System: Fedora Linux 36 KDE Plasma Version: 5.25.4 KDE Frameworks Version: 5.96.0 Qt Version: 5.15.5 Kernel Version: 5.18.17-200.fc36.x86_64 (64-bit) Graphics Platform: Wayland -- You are receiving this mail because: You are watching all bug changes.