This issue is fixed in the Windows 10 1803 versions and newer.
I received a lot of positive feedback on my previous post on accessing the clipboard from the lock screen using the wireless password field.
Just out of curiosity I tried other combinations on doing the same thing, and I found out another cool trick to do the same using the Narrator feature in Windows.
You heard me (#LOL – Narrator is the component that reads stuff out loud) I did the same with Narrator. So, you are probably wondering how I did it using the Narrator. It is shown in the following video:
I also tried to «fuzz» the different fields to see if it is possible to break out of the Narrator application. I was not able to find any method.
Well, hope you enjoyed it and I hope Microsoft does something about this in the future. A quick fix to disable the narrator is to change the ACL on the Narrator.exe and deny read and execute to everyone. I have not found a Group Policy settings that disables this yet. I will update this post if I do.
Hope you enjoyed this post and find this exciting as I do. (I am such a geek)
A good point from Papagon in the comments. You can also change the content of the clipboard using CTRL+C.
11 thoughts on “Accessing clipboard from the lock screen in Windows 10 #2”
Thanks for sharing this trick.
From my point of view, this new method is more dangerous than using the wireless password field, because you can now change the clipboard content, simply with ctrl c on the narrator command search field.
By changing the content, you can imagine other attacks scenarios…
Wow. I did not think of that at all. Awesome feedback man. I will update the post.
Nice find! And hard to believe MS is downplaying this.
Also (shameless plug!) I just released an update to my ClipTTL system tool to instantly clear the clipboard when the session lock is detected.
Why not just set up a scheduled task to clear the clipboard at logoff?
Arguments: /c “echo off | clip”
That would solve the problem for sure. What I would like is that Microsoft fixes this in the OS.
I found another method that does not require networking screen or narrator.
You can use the “Password Recovery” tool to expose and replace clipboard data. I’ve posted a quick demo of the method here: https://youtu.be/XdbFGjOOel0?t=4m