AutoType not working on Windows Secure Desktop after Windows update (KB5074109)
A lightweight and easy-to-use password manager
Brought to you by:
dreichl
Menu
▾
▴
#2413 AutoType not working on Windows Secure Desktop after Windows update (KB5074109)
Since installing the Microsoft security update mentioned in the title on our network, the autotype appears, but when we click to choose a password, nothing is entered. (Bug in the "Windows Security" window when opening an RDP session)
I tried it with RDP-Connections aswell as Network Shares, the credentials will not be entered. Works fine for anything else.
KeePass Version: 2.60
On another Workstation without the KB in the title, everything works fine.
same here.
Two-Channel Auto-Type Obfuscation doesn't make a difference.
Manual Copy&Paste from KeePass to the Window with STRG+V works.
I uninstalled "Update for Windows Security platform - KB5007651 (Version 10.0.29429.1000)"
and then it works again.
I believe this Update is part of the "2026-01 Cumulative Update for Windows 11 Version 24H2 for x64-based Systems (KB5074109) (26100.7623)"
Last edit: Björn Martin 4 days ago
I can reproduce this issue and have experimented with it. The new Windows Security credentials dialog blocks other applications running with normal user rights (such that auto-type doesn't work, drag&drop doesn't work, accessibility tools cannot inspect the dialog, etc.). I don't see how KeePass could get around that with normal user rights.
You could do the following:
As this is probably an intended security improvement by Microsoft (i.e. not a bug that will be fixed) and affects many users, I've now added the Windows Security credentials dialog as an example in the 'Rights' section of the auto-type help page:
https://keepass.info/help/base/autotype.html#req
Thanks and best regards,
Dominik
Thank you for mentioning workaround with "Run As Admin".
Is it possible to run KeePass with admin privileges by default?
You could create a shortcut to 'KeePass.exe' and activate the option 'Run as administrator' (in the shortcut properties → tab 'Shortcut' → button 'Advanced').
Best regards,
Dominik
I can't get it to work when running KeePass as an administrator, either. Any idea?
Thanks for reviewing the problem. May I suggest a workaround: a small extra Service, that is installed extra (or "activated" with admin rights) and runs under SYSTEM. KeePass can communicate with the Service/Tool/Plugin which handles the Auto-Type. So the Program doesn't need to get started as Admin, which is not an option for many users.
This Option could be a third optional Auto-Type-Option, just like "Two-Channel Auto-Type Obfuscation".
You'd only need to ensure, that the tool only receives commands from KeePass somehow. Maybe an key password, which is created during install of the tool and has to be inserted in a database-options field in the KeePass-DB. And then use the key as encryption and signature for the communication.
What do you think?
Great idea. Are you going to write it?
cheers, Paul
In my opinion, such a service would be a significant security risk.
I'm not planning to add this in KeePass, but if someone develops a plugin, I'll happily list it on the plugins page.
Best regards,
Dominik