Make it clearer whether it normally uses the clipboard

[vemv]

Hi!

I've used pass for a while and am concerned about it using the clipboard at all.

Probably this extension doesn't, but it'd be helpful to fully clarify that point.

In affirmative case I would suggest a edit to README.md such as:

It uses a native binary written in Golang to do the interfacing with your password store. Secure communication between the binary and the browser extension is handled through native messaging.
+
+ Unlike the original `pass` command, browserpass doesn't put your password in the
+ clipboard at any point (unless you explicitly do so, which is normally not necessary),
+ defending you from rogue processes that may continuosly scan the clipboard.

Cheers - Victor

[erayd]

I can confirm that browserpass does not use the clipboard, unless you explicitly use one of the clipboard features (e.g. copy username / copy password). Autofill injects the credentials directly into the DOM.

Clarifying this could be useful, as you say - however, the wording needs to be a bit different I think. Clipboard is a common use-case for pass, but it's certainly not the only way to use it, and is not the default action.

@maximbaz - what do you think?

[maximbaz]

Fine with me, how about #284?

[erayd]

Works for me :-).

[vemv]

I'm happy with the confirmation and PR. Perhaps the text could be more categorical / be presented earlier.

OTOH I understand this observartion:

Clipboard is a common use-case for pass, but it's certainly not the only way to use it, and is not the default action.

As you please!

[maximbaz]

Let's leave it like this for now, README will be restructured a bit when we get to v3