I am running the latest version of keepass and it mistypes usernames and passwords when I use CTRL-V. This occurs across applications (Firefox, Truecrypt) etc.
It doesn't happen all the time but happens at least 25% of the time. My passwords don't have any strange special characters and this has been getting more frequent.
For example, when I use CTRL V at my email login page, it will mistype my username very frequently. I have to hit CTRL V several times to fix the issue. The other fix is if I turn off Two channel typing but that would defeat the purpose of Keepass. The issue seems to be related to two channel obfuscation.
How can I fix this?
Thanks
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
You could try putting some delays or other workarounds (e.g. dummy typing followed by field clearing) into your key stroke sequence. Some sites with heavy scripting on the login page can present problems for TCATO. It is also possible that the state of one's computer at the time an auto-type is executed impacts performance. If the problem persists then the only other solution is to disable TCATO.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
TCATO is only of any use against old style key only loggers. More recent malware steals data direct from the browser, or targets KeePass directly. The only safe use of KeePass is on a clean machine.
cheers, Paul
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
This problem exists in severall (or all) versions and I've tried any keepass-option to identify or get rid of the problem - without success. For me the problem occur only in Linux (actually Ubuntu 14.04) and I tried it between keepass and the gedit editor to avoid the influence of scripting on websites. With CTRL-V about 3 to 6 times the pasted username and passwords are correct and then fail. It seems, as if some control keys are send to the interface, because in the beginning I encountered the switch between windows, which I could eliminate by the "Cancel Auto-Update..." setting. Then sometimes the use of the Linux GUI was not possible until I press the CTRL key. This also looks for me as if the control key is sent. Note, that my test passwords only consists of lowercase letters without capital letters, numbers or special characters. Only a TAB should be inserted by CTRL-V between username and password.
At the moment I use CTRL-B/CTRL-V and CTRL-C/CTRL-V to paste the username and password separately but it would be great, if keepass with Linux would operate as I know it from Windows.
Would it be possible to include debug code into a special version to identify this bug? Maybe, it is not the fault of keepass, but the xdotool, mono or the Linux scheduler.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
In my case, it's not related to my computer being slow or heavy scripts. Happens across websites and the fact that it only happens with TCATO indicates that the problem is with the keepass module. I haven't found any fix either - other than typing CTRL V several times.
Paul - you mentioned that malware is specifically targeting keepass. Are there any settings which defeat keepass specific malware such as secure desktop etc?
Also would keyscrambler provide protections against these malwares?
Thanks
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
It would make a lot of sense to add a secure desktop feature when typing password in a new database or changing password on an existing database, given these keepass specific malware.
It obviously is better to keep machine free of malware. However it is possible to get malware despite running anti-virus, firewall etc. Given that, it would be helpful to add the secure desktop feature in other instances where the password is entered.
Thanks
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I am running the latest version of keepass and it mistypes usernames and passwords when I use CTRL-V. This occurs across applications (Firefox, Truecrypt) etc.
It doesn't happen all the time but happens at least 25% of the time. My passwords don't have any strange special characters and this has been getting more frequent.
For example, when I use CTRL V at my email login page, it will mistype my username very frequently. I have to hit CTRL V several times to fix the issue. The other fix is if I turn off Two channel typing but that would defeat the purpose of Keepass. The issue seems to be related to two channel obfuscation.
How can I fix this?
Thanks
You could try putting some delays or other workarounds (e.g. dummy typing followed by field clearing) into your key stroke sequence. Some sites with heavy scripting on the login page can present problems for TCATO. It is also possible that the state of one's computer at the time an auto-type is executed impacts performance. If the problem persists then the only other solution is to disable TCATO.
TCATO is only of any use against old style key only loggers. More recent malware steals data direct from the browser, or targets KeePass directly. The only safe use of KeePass is on a clean machine.
cheers, Paul
This problem exists in severall (or all) versions and I've tried any keepass-option to identify or get rid of the problem - without success. For me the problem occur only in Linux (actually Ubuntu 14.04) and I tried it between keepass and the gedit editor to avoid the influence of scripting on websites. With CTRL-V about 3 to 6 times the pasted username and passwords are correct and then fail. It seems, as if some control keys are send to the interface, because in the beginning I encountered the switch between windows, which I could eliminate by the "Cancel Auto-Update..." setting. Then sometimes the use of the Linux GUI was not possible until I press the CTRL key. This also looks for me as if the control key is sent. Note, that my test passwords only consists of lowercase letters without capital letters, numbers or special characters. Only a TAB should be inserted by CTRL-V between username and password.
At the moment I use CTRL-B/CTRL-V and CTRL-C/CTRL-V to paste the username and password separately but it would be great, if keepass with Linux would operate as I know it from Windows.
Would it be possible to include debug code into a special version to identify this bug? Maybe, it is not the fault of keepass, but the xdotool, mono or the Linux scheduler.
In my case, it's not related to my computer being slow or heavy scripts. Happens across websites and the fact that it only happens with TCATO indicates that the problem is with the keepass module. I haven't found any fix either - other than typing CTRL V several times.
Paul - you mentioned that malware is specifically targeting keepass. Are there any settings which defeat keepass specific malware such as secure desktop etc?
Also would keyscrambler provide protections against these malwares?
Thanks
I doubt it is KeePass at fault as TCATO has been tested extensively.
Entering the KeePass password on a secure desktop is a good idea as this defeats key loggers. An even better solution is to keep your machine clean.
cheers, Paul
It would make a lot of sense to add a secure desktop feature when typing password in a new database or changing password on an existing database, given these keepass specific malware.
It obviously is better to keep machine free of malware. However it is possible to get malware despite running anti-virus, firewall etc. Given that, it would be helpful to add the secure desktop feature in other instances where the password is entered.
Thanks
The developer is aware of secure desktop and no doubt would implemented the feature where appropriate and if feasible.