Convenience creates additional exposure
Copy buttons and QR codes make long credentials easier to move between devices, but they also create new places where sensitive information may remain. The generated password may be secure mathematically while still being exposed through clipboard history, screenshots, cameras, synchronization services, or malicious applications.
Clipboard risks
Operating systems and keyboards may keep clipboard history or synchronize copied text between devices. Other applications can sometimes read clipboard contents, and remote-support or screen-sharing software may reveal what you copy. After pasting a credential, replace the clipboard with harmless text and clear clipboard history where available.
QR-code risks
A QR code is not encryption. Anyone who photographs or scans it can read the encoded value. Avoid displaying credential QR codes in public, on shared screens, during video calls, or near security cameras. Close the QR view immediately after use and do not save it as an image.
Moving a credential to another device
Prefer direct entry on the trusted destination device when practical. When scanning is necessary, confirm that the receiving device, camera application, and network are trustworthy. Do not upload credential QR codes to online scanner websites or cloud image tools.
Browser and extension safety
Extensions can have permission to read and change page content. Keep only necessary extensions from reputable publishers and review their permissions. Use an updated browser and operating system. For sensitive activity, a clean browser profile with minimal extensions reduces exposure.
Shared-device checklist
- Do not use remember-password prompts on a shared computer.
- Close generated results before leaving the device.
- Clear clipboard history and downloaded screenshots.
- Sign out of the target service.
- Avoid public computers for important accounts.
Related guidance
Read the full Kardix security guide and learn how fake pages capture credentials.