Sep 2, 2008

To be safe from Keyloggers

Digg it !!!

As i am an engineering student from kerala, I sometimes travel without my laptop and need to access password protected websites from internet cafes or Hostel and IT centres.I worry about whether these public computers have Keyloggers installed.


By using the windows onscreen keyoard accessibility utility,can i safely prevent keyloggers' recording my passwords? If the onscreen keboard simply creates keypress events that can still be intercepted by keyloggers,then can copy or paste the keylogger threat?Or do Keyloggers also record the contents of the windows clipboard?Do u have another suggestion for safety entering passwords at public computers?

The On-screen Keyboard utility is designed to let mobility-impaired users enter small amounts of text,typically by using a specialized pointing device.For maximum compatibility,it works by sending simulated keystrokes to the actie application. I tried it with a number of commercial keyloggers that i use in antispyware testing,and it was no help at all:The simulated keystrokes were captured just as keystrokes would be.

You could conceivably launch the Character Map utility and build your passwordby double-clicking characters.Once you had built the whole password you had click the copy button and paste it into the password-entry box.Unfourtunately,keyloggers can do a lot more than merely log keystrokes.Most also record everything that gets copied to clipboard and many also snap screenshots of program activity .Character Map,then is not a solution.

One possibility that seems hopeful is this:Type your password with extra charcters in it and then use the mouse to highlight and delete the middle fourdots.Or type pla2s3s4w5o6r7d8 and deleat every other dot . a keylogger would still record aall of the keystrokes that make up your password, but they will be mixed with other unrelated keystrokes.

If you need to use a public pc, your best option for entering passwords is to use a mobile password management/from filling application such as Siber system Pass2Go. Pass2Go runs off a USB memory key and protects your passwords behind a master password .Even if the master password is compromised , its useless to the thief unless he has your USb key,too . its not a foolproof solution , but will evade hacking tools that rely on capturing keyboard events.
You should do your best to avoid using non-secure computers . Even if you keep a key-logger from snagging your password , it might still take screenshots of key financial info. Your best bet is to implement a high degree of security on your laptop and resign yourself to lugging the darn thing along.

0 comments:

Post a Comment