Originally published at: http://www.howtogeek.com/180615/keyloggers-explained-what-you-need-to-know/
A keylogger is a piece of software — or, even scarier, a hardware device — that logs every key you press on your keyboard. It can capture personal messages, passwords, credit card numbers, and everything else you type.
I usually use an auto form filler to fill in my details.
How about the age-old trick? Suppose your password is "letmein" (don't ever use this password in real life). Type this. L, then randomly bash the keyboard. Now in the password field, select everything other than the first character. Backspace. Now type e, random characters, select everything but the first two characters, delete. So the keylogger will get:
With all the above typed, the only stuff in the password field is "let".
It really depends on how well the keylogger is written. It's entirely possible that they can just grab the data out of the field, or check the text selection.
If you do have a keylogger on your computer, you shouldn't be typing passwords.
that's some really useful advice, geek. as the article states, if the keylogger is doing it's job, you won't know it's there. some of them are even advertised as being undetectable by antivirus programs. so while it may be said that you shouldn't type in passwords while there is a keylogger on your system, if you don't know about it and it is undetected, you should be trying something to make it harder for it to work. do you have any suggestions?
It's always a good idea to boot from an Ubuntu Live Disc when doing online banking or other important work that you wouldn't want keyloggers to steal. Doing that helps with everything except hardware keyloggers.
I was unaware that keyloggers can take screenshots! Yikes!
I and family travel to Ireland every year. I do not take my laptop, but while there I do occasionally use the public computers at the B&B's. I never log in to banking/credit card/email websites from those computers, but I had the thought that one could simply put usernames and passwords in a text file and on a memory stick, plug the stick into the computer, and swipe/paste that data to log in to sensitive areas. Using that technique you would never type your actual passwords, but screenshots would remain a risk!
Sure, that poses the risk of the memory stick being stolen, but there are other solutions to that as well, such as "coding" the passwords, then uncoding them later without having to type in the entire PW.
You missed keyboards which actually have a flashable keyboard-os like for example this Apple alu keyboard. You could develop your keylogger directly for the keyboard, and you may use the integrated USB-ports and the connection to the computer to infect as much devices as possible...
I actually don't check for keyloggers unless I'm specifically doing a service; I do this on every non-laptop (or any laptop I can't boot Xubuntu on).
This topic was automatically closed after 10 days. New replies are no longer allowed.