This is a pretty random blog entry, but oh well… I am sitting in the London airport. In the lounge here, they have a computer that is connected to the Internet. I sat down, opened a browser, typed in my webmail domain and paused for a second. Then I opened a command shell and checked for open ports, processes running, and all that. Well, I still felt like I couldn’t enter my password. What if a keylogger was running?
Then I had an idea. I opened a notepad and just entered some random characters. Then I started, using the mouse, to rearrange the letters into my username and password. A key logger is not able to capture my password like this. I _think_ I successfully circumvented these beasts.
I know, there are other trojans, such as transaction generators that could get in my way, but …
Not to be snarky – but you can just use one time pass or tokens like most of us do…
Comment by yoshi — June 16, 2007 @ 10:32 am
…Unless the contents of the keyboard are captured.I think OSK could help you as well.
Comment by ddsi — June 16, 2007 @ 11:30 am
It will not help you.
There are some like All In One which i personally use to keep my kids that takes screenshot whenever you click the mouse and it even shows you the mouse cursor.
Moreover, it logs Copy paste.
You will need to find another way.
Jo.
Comment by jo — June 17, 2007 @ 2:39 am
I absolutely aggree with comment#3 – such a way will not help you to protect yourself form keyloggers… the onle way is to use anti-keyloggers. If you are interested in anti-keyloggers then I can recommend you to visit this site:
Comment by Chuck — June 19, 2007 @ 3:40 pm
http://anti-keylogger.org
Comment by Chuck — June 19, 2007 @ 3:41 pm
I like this one! Very smart. Although no 100% guarentee, that’ the best you can do in that situation.
Comment by HJ — July 20, 2007 @ 12:30 am
a service that lets you log into popular web-based email websites using one-time codes instead of your normal password: http://kyps.net
Comment by Andreas — July 22, 2007 @ 3:23 am
There is a tip better than this one to fool most keyloggers : entering random characters out of the password field in a non-client area.
However some keyloggers can’t be fooled with this technique like Revealer Keylogger Free Edition
Comment by kmint21 — October 6, 2007 @ 8:49 am