Identifying the leaker after a screenshot escapes, when the obvious tricks no longer work. The problem Last year, I watched a customer of ours forward a screenshot of an internal dashboard to a vendor. The screenshot showed financial figures that should have stayed inside the company. Nobody could prove who took it. If every pixel of that screen had carried that user's email or ID in faint diagonal text, we would have known the answer in five seconds. That is the whole idea behind a watermark. It does not prevent leaks. It makes leaks attributable. Why naive watermarks fail The simplest version is a <div> you put on top of the page: <div class= "watermark" > alice@acme.dev </div> Enter fullscreen mode Exit fullscreen mode The trouble: anyone who knows F12 opens DevTools and deletes the <div> in two clicks. Or overrides its CSS. Or screenshots the page before your watermark script runs. The naive watermark catches honest users.…