I copy passwords from my password manager all the time (I use KeePass, so they're long and complex), and I know a lot of people do the same. How is it that Samsung’s clipboard saves everything in plain text with no expiration? That’s a huge security issue.
I even tried switching to Gboard (Google’s keyboard), thinking that would help, but nope, everything I copied was still getting saved in Samsung’s clipboard. Turns out the clipboard functionality is tightly integrated with One UI, so it doesn’t matter what keyboard you use, your clipboard history still gets stored in plain text.
There should at least be an option to auto-delete clipboard history after a few hours. Right now, the only option is to manually go in and delete sensitive stuff. If someone steals your phone, or even if a friend or acquaintance uses it while it’s unlocked, they can just scroll through your clipboard and see all your passwords? That’s wild.
We understand your concerns regarding clipboard behavior and how it may affect sensitive content. Clipboard history in One UI is managed at the system level.
Your suggestion for more control over clipboard data—such as auto-clear or exclusion options—has been noted and shared with the appropriate team for consideration.
In the meantime, we recommend manually clearing clipboard history when needed and using secure input methods for sensitive information.
Thanks for the reply, but honestly, I don’t think this is just "helpful feedback", it’s a serious security flaw that should be prioritized.
This issue has been raised by users across the internet for years. Just search through Reddit, XDA, or Samsung forums, people are genuinely concerned (example 1 , example 2 , example 3 , etc.), some people say they won’t buy Samsung devices because of this and I don't blame them. Clipboard history storing sensitive data in plain text indefinitely is not just an inconvenience, it's a vulnerability.
Auto-clearing the clipboard after a short time shouldn’t be a "nice to have" it should be a basic security feature.
I completely agree. As a loyal samsung user, privacy concerns will strongly affect my purchasing decision. Especially with the current environment, privacy is PARAMOUNT.
It's an option within Secure Folder, why is it not an option system-wide?
I don't imagine after 4 years of being reported that this will be patched in some way. I wasn't even aware until I updated to OneUI 7 and saw the popup saying Samsung Keyboard accessed the clipboard (somewhat strange considering I use Gboard).
This along with the Secure Folder security issues should be high priority over cosmetic updates.
Are Samsung going to compensate me for any financial losses I incur due to this vulnerability? I purchased a S10 tablet recently and have a number of cryptocurrency wallets installed. May I assume the use of 2FA, fingerprint and facial recognition will protect me?
