Monitoring Clipboard in Golang: A Guide to Obscuring Passwords

Introduction

In this article, we explore creating a Go program that monitors the system clipboard, automatically substituting passwords with asterisks. Uniquely, the program leaves the last few characters (minimum 1, maximum 3) of the password visible when the password length exceeds 8 characters.

Understanding Clipboard Monitoring in Go

The Clipboard Package

Go lacks a built-in library for clipboard operations. We use atotto/clipboard, a third-party package offering simple clipboard interfaces.

Polling Mechanism

The program periodically checks the clipboard’s content, processing it based on predefined criteria through a polling mechanism.

Implementing the Clipboard Watcher

Setting Up the Environment

Ensure Go is installed on your system. Download it from the Go website.

Installing the Clipboard Package

Install atotto/clipboard:

go get github.com/atotto/clipboard

Writing the Clipboard Watcher

Create clipboard-watcher.go:

package main

import (
    "github.com/atotto/clipboard"
    "strings"
    "time"
)

func main() {
    var previousContent string
    for {
        currentContent, _ := clipboard.ReadAll()
        if currentContent != previousContent {
            const passwordPrefix = "password: "
            idx := strings.Index(currentContent, passwordPrefix)
            if idx != -1 {
                passwordStart := idx + len(passwordPrefix)
                passwordEnd := strings.Index(currentContent[passwordStart:], " ")
                if passwordEnd == -1 {
                    passwordEnd = len(currentContent)
                } else {
                    passwordEnd += passwordStart
                }
                password := currentContent[passwordStart:passwordEnd]

                var unobscuredLength int
                if len(password) > 8 {
                    unobscuredLength = 3
                    if len(password) < 11 {
                        unobscuredLength = len(password) - 8
                    }
                } else {
                    unobscuredLength = 0
                }

                obscuredPassword := strings.Repeat("*", len(password)-unobscuredLength) + currentContent[passwordStart+len(password)-unobscuredLength:passwordEnd]
                modifiedContent := currentContent[:passwordStart] + obscuredPassword + currentContent[passwordEnd:]
                clipboard.WriteAll(modifiedContent)
            }
            previousContent = currentContent
        }
        time.Sleep(1 * time.Second)
    }
}

This script obscures passwords with asterisks, leaving the last 1 to 3 characters visible for passwords longer than 8 characters.

Making the Application Installable

Compiling the Go Program

Compile into an executable:

go build clipboard-watcher.go

Creating an Installer

Use tools like Inno Setup (Windows) or Packages (macOS) for distribution. For Linux, distribute a shell script to copy the executable to a location like /usr/local/bin.

Conclusion

This clipboard watcher in Go provides an innovative approach to obscuring passwords while maintaining a hint of their length. It’s a practical starting point for more advanced clipboard monitoring applications.