Virtual Keyboard expansion

  • Roland

    Roland - 2011-12-18

    Hello. This is my first post about this great product. I just upgraded to
    v3.27 from an older version. I deploy this to a number of users, and I see
    several improvements that will make it much easier to convince them it is
    worth the effort to use (always the most difficult task when it comes to users
    and good security practices). In fact, I believe that I can now make a
    plausible case that it is easier to use PWSafe than to type in even trivial pw
    manually. I really like the virtual keyboard on the windoze version. One of
    the reasons that I upgraded my personal copy was a recent trojan keylogger
    warning from my AV. That turned out to be an apparent false positive, but it
    got my attention, so I noticed the vkb in 3.27 immediately. If fact, I like it
    so well I need to ask how difficult it would be to expand it's availability
    from only the master password dialog to the individual password maintenance
    dialog itself. It strikes me that while using PWSafe to furnish authentication
    to sites and applications by means of the clipboard is a fairly good keylogger
    preventative, as long as that information must be initially entered into the
    individual pw record via the keyboard, some unnecessary vulnerability remains.
    While this is a feature that I could live without if it was difficult to add,
    if it is not, it would seem like a worthwhile enhancement.


  • Rony Shapiro

    Rony Shapiro - 2011-12-19

    Hi Roland,

    Thanks for your kind words - always nice to hear from a satisfied user.

    As to the virtual keyboard, a couple of points:

    1, The Generate button in the Entry dialog box puts a password in the field
    without going through the keyboard.

    1. Sorry to disappoint you, but there's nothing that prevents a keystroke logger from accessing the data in the clipboard as well...
      Bottom line is that PasswordSafe, like any application, is only as secure as
      the PC it's running on. If your PC has some malware installed, all bets are



Log in to post a comment.