Password Managers are brilliant!
They allow users to create and use complex passwords because they give us a nice secure place to store them. Using Password managers also can also prevent users from writing them down or reusing passwords, which is a huge deterrent against hackers looking to compromise your accounts. It’s a win, win….or is it?
There is a slight weakness to some of them, which could allow attacks to extract your passwords without having to break into the manager itself.
The answer: Get-Clipboard
Get-Clipboard is a PowerShell command which allows you to view or extract what is stored in the clipboard. This got me thinking….Could this be used against me? I know that certain advance persistent threats (APT) use PowerShell for malicious purposes, so could this be one of them.
I then started to think what an average user would copy and paste. It would mainly be things…
View original post 569 more words