By Dennis O’Reilly
Several dozen readers responded to WS contributing editor Scott Dunn’s Sept. 10 Top Story on keeping your passwords out of the hands of sneaky keyloggers on untrusted PCs you may be forced to use while traveling.
The most frequent suggestion was tocopy passwords from a text file and paste them into password boxes, but many keyloggers — unfortunately — capture any text you paste from the Clipboard.
Crooks with computers are experts at raiding online bank accounts and making a profit from personal information. Every time you think you’ve outsmarted them with a new defense, hackers find a way around or through it.
Scott described the “revised Vesik method,” which involves typing nonsense characters and mousing them into place to form a real password. It’s admittedly a convoluted way to hide data from keyloggers when you need to sign in to a Web site using a PC that might be infected. Scott acknowledged that the trick is time-consuming and prone to error.
Many readers recommended other programs and techniques to thwart either hardware or software keyloggers. Chris Miller points out the advantages of authentication techniques used by banks in Europe:
- “I don’t know the position in the U.S., but here in Europe, sensitive Web sites such as [those for] Internet banking are usually configured to defeat keyloggers.