If you own one of Samsung’s top Galaxy phones, you should be aware of a newly discovered security flaw that could put your private information at risk. Users on the US Samsung Community board recently pointed out that the clipboard feature on Samsung devices saves everything you copy—including passwords, banking details, and personal notes—as plain text, with no expiration date.
Whenever you copy something on your Samsung phone—like a password from your password manager, your bank account number, or even a draft of your resume—it’s stored in the clipboard history. Unlike some other Android phones or keyboards (like Google’s Gboard, which deletes clipboard data after an hour), Samsung’s clipboard keeps this information indefinitely, unless you manually delete it.
This means that anyone who picks up your unlocked phone can access your clipboard and see everything you’ve copied. Even worse, some types of malware, like info-stealing trojans, are designed to search through your clipboard for passwords and other sensitive data.
Samsung moderators have confirmed this issue, admitting there’s currently no built-in way to automatically clear the clipboard after a certain period. They agreed with users that an auto-clear option or the ability to exclude sensitive apps from clipboard history would be valuable improvements, and promised to pass this feedback to Samsung’s development team.
The clipboard is meant to be a convenient tool, but this flaw turns it into a potential security hole. If your phone is lost, stolen, or even just left unattended for a moment, anyone could access your copied passwords or personal information. And with malware targeting clipboards, your data could be at risk even if you’re careful with your device.
What can you do to stay safe?
Until Samsung releases a fix, the best way to protect yourself is to avoid copying sensitive information—like passwords or banking details—on your Samsung device. If you must copy something private, remember to manually clear your clipboard history right away.
A safer alternative is to use passkeys instead of passwords. Passkeys are unique digital keys that are stored securely and can’t be reused or easily stolen. Many major services, including eBay, PayPal, and BestBuy, now support passkeys, and they’re becoming more common as a safer way to log in.
Now that this clipboard issue is public, Samsung is under pressure to address it in future updates to its One UI software. In the meantime, users should be extra cautious with what they copy and consider switching to passkeys or other secure login methods whenever possible.
Sources:
Tom’s Guide – https://www.tomsguide.com/computing/online-security/samsung-phone-security-flaw-leaves-passwords-exposed-protect-yourself-now
