Protect confidential Passwords by Fooling Keyboard Loggers

White KeyboardDo you want your boss to see how much you have in your Paypal Account? How would you like if the net café boy starts sending emails from your account? Do you think that your non-geeky sister won’t find your locked drive password? Its all possible if there is a keyboard logging software installed.

Keyboard Logging Softwares can record every keystroke you make. Google for Free Keyboard Loggers and you will find many freebies that can track every key-stroke anonymously. Most public computers and office computers use such software to track the activities of its users. But you are no longer afraid of them. See how you can protect your passwords from such Keyboard Loggers.

Cheating the Key-Stroke Logger

Use the On-Screen Keyboard: The Accessories in windows have an on-screen keyboard. Type ‘osk’ in the RUN command box for the On-Screen Keyboard (OSK). Now, type in your password using the mouse and the OSK.

But recently I tested this on a Key-Board Logger and I was amazed by what the software could do. It had recorded the password typed in using the OSK. But we are not giving up yet!

Fool the Logger by shifting the focus: Type in the password in bits, by turning on and off the focus of the password box.

For e.g. : If the password is ‘amnesia’ (lol, that’s not my password 😉 ) type in ‘am’ in the password box. Now click on a blank area in the window and so that the password box is not in focus anymore. Now type some random text (say ‘monia’). This will not appear on the password box since it is out of focus. Now click on the password box and type some more of the password, say ‘ne’. Again click on a blank area and type some random words. Repeat this till you complete your password.

The Keyboard Logger would have recorded am-monia-ne…(without the – ) since most loggers can’t differentiate the fields. That way we cheat the Logger with a wrong password.

I would recommend the second method, but if your password is that important, use a combination of both the methods. This is also a great way to keep your passwords safe when using a public computer. You would be surprised to know how identities are stolen, they first get into your email and then is easy for them to access your credit card and bank information.

If you had been accessing your accounts from public computers, how were you keeping them secured before reading this?

Hello, I am Arun Basil Lal. Thank you for reading!

I am a WordPress product developer and creator of Image Attributes Pro. I am passionate about solving problems and travelling the world.

Divi WordPress Theme - My Review

Divi WordPress Theme
Divi is a WordPress theme that web designers do not want you to know. It comes with a drag-and-drop theme builder. You can build beautiful looking unique websites without touching a line of code. Just choose from one of the many pre-made layouts, or pick elements and arrange them any way you like.

Divi is every WordPress developer's wet dream. Surprise your clients with neat responsive websites and have fun building them.

Divi comes from Elegant Themes. If you enjoy building websites, you *need* an Elegant Themes membership. 87 beautiful themes and 5 plugins for the cost of less than a candy-bar each!


Note: I am an avid user of Divi myself and this is a honest review. I wouldn't recommend something that I do not personally find amazing.

15 Comments.

  1. Wesley says:

    The best way is to simply use a password manager that will prefill the username and password field.

    • Arun says:

      But in public computers you cant have a password manager, can you..? Do you know any plug-and-play portable password managers..?

      The very essense of password managers is the storing of passwords, which is not what you want on public computers.

      Thanks for noting this point, you can use that on your home computer and save your password from your sister. lol

  2. smartin says:

    How about using Virtual Keyboard provided by Antivirus vendors ?? I think Kaspersky provides one .

    • Arun says:

      Hey, I didnt knw that there was something like that. That sounds like a working idea, but you can have an antivirus instaled on a public computer na..? You can have any extra facilities too. You will be compelled to use their system.

      Thanks for sharing the tip. That was really new for me.
      Happy New Year

  3. smartin says:

    Oh Arun !! are you using the hosting offer by those guys(techseol) at BCK?? Well ,I know them . One of them was my class mate and others were Bach mates . I do have a personal hosting account for my forum and few blogs . But for a personal blog , its better to use Blogger . It will work(for ever) even if the hosting charges are not payed .
    Btw,thanks for commenting on my blog 🙂 I never expected anyone on the pre-stage ..
    Keep up the good work in 2009
    All the best ,
    Smartin

    • Arun says:

      He he, Coudnt help when I saw you on the top commentators of Themelib and if am into any blog, I will definitely leave a comment. lol

      I am using Techseols hosting, pretty good.
      I was into blogger Smartin, i was at millionclues.blogspot.com
      I got PR2 for that blog yesterday, nothing for this one.

      Cheers, Enjoy personal blogging.

  4. bobby says:

    hey all this methods are too hard so just simply use the virtual keyboard provided by windows at

    start-> accessories -> ease of access -> Onscreen Keyboard (this is in vista)

    its also available for xp and that too in accessories and its very easy for you to figure it out

  5. Eldreda Christner says:

    You rock. World needs more souls like you.

  6. Girish says:

    This Idea is cool

  7. Amal Roy says:

    Using both the methods is a good idea. Thanks for the tip. Here is a link to a password manager which is portable.

    link more details are there on this site.

  8. Jodson says:

    Hmm, interesting. But what i usually do is check the running processes in Windows Task Manager. But you gotta know what you are looking for. And all my checks are based on the following assumptions
    1. Keyloggers are NON-SYSTEM process
    2. Knowledge of commonly used programs creates awareness of suspicious programs, I kill all suspicious processes.
    3. Vital assumption deep levels of tech info is not in the heads of cafe operators in kerala[big assumption, i could be wrong, but i believe it otherwise for my own relief]

    But after reading your post, i checked for the possibility of keyloggers hidden in programs [http://it.toolbox.com/blogs/securitymonkey/detecting-windows-keyloggers-1352] and apparently there is. I dont know how many people go that far. But if your so concerned, read and protect yourself.

    Regards

    Jods
    Xoxo

Leave a Reply

Your email address will not be published. Required fields are marked *

*