This issue is fixed in the Windows 10 1803 versions and newer.
I discovered something interesting that I wanted to be shared with the rest of the world.
Before you read any further, I want you to know that I did send an email to MSRC (Microsoft Security Response Center) about this. The answer I got was this:
<quote>«In general, MSRC does not consider issues that require physical access to be exploited as security vulnerabilities (immutable law #3 in the link below).
If the issue allows for direct code execution bypassing the logon screen of a locked computer, we may consider that a security vulnerability on a case-by-case basis.
“Definition of a Security Vulnerability”
“Ten Immutable Laws Of Security (Version 2.0)”
What I discovered was that I could access the clipboard from the lock screen on Windows 10. How do I do that?
Look at this video:
In this video I, have copied a text to the clipboard prior to locking my machine and I am able to paste into the key field on the wireless connection (WHAT????).
The thing that I find strange is that every other field (username / password) is prohibited to accept paste and to me that means that Microsoft do have some thoughts on preventing access to the clipboard from the lock screen.
I guess this could be useful for an attacker doing social engineering attacks. Like going to a computer during lunch and see what is on the clipboard. And when you think about it, more and more companies are starting to use password managers that generates passwords for the user. And what happens when a generated password is not possible to remember? The user copies it to clipboard of course.
I don’t think this is a serious issue, but I would assume that it would be easy for Microsoft to prevent this with a few lines of code.
Hope you liked the blogpost and remember, sharing is caring. 🙂
Update #1 26.01.2017: It has come to my attention from Reddit that if you try to connect to an 802.1x-network you will get the unmasked username field as well. Thanks to paulanerspezi for pointing that out.
To clear your clipboard before locking your computer you could run the following command:
cmd /c “echo off | clip”
Update #2 26.01.2016: How to remove the network icon from the lock screen
To remove the network option on the lock screen you could either create a Group Policy and link it or do it locally if your computer is not a part of a domain. The settings are exactly the same.
To block it on a local machine that is not a part of a domain, you do the following:
Then you browse to this location (Computer configuration – Administrative Templates – System – Logon):
Then you change the “Do not display network selection UI” setting to enabled like this:
A new blogpost about the same problem using Narrator.
11 thoughts on “Accessing clipboard from the lock screen in Windows 10”
It’s a password field though, so the content of the clipboard isn’t being disclosed, but only the length (where it is below the maximum length of the visible password box).
Well, you can click on the Eye icon and see the content after pasting so I would say it is disclosed… See the video.
There is another method that does not require the narrator. Use the “Password Recovery” option after typing an invalid password.
– Insert any removable media, contents do not matter, removable media is required for password recovery tool to run.
– Enter invalid password
– Run password recovery, select Next
– Paste clipboard contents into the media selection ComboBox
I demonstrate this method here: https://youtu.be/XdbFGjOOel0?t=4m
You can also disable the ability to view passwords with the eye button. Even though this feature is nice, I would absolutely disable this.