Prevent keyloggers from grabbing your passwords

Scott dunn By Scott Dunn

Strong passwords are important, but even the best password won’t keep you safe from keyloggers — hardware and software that’s designed to secretly record your keystrokes.

Fortunately, there’s a way you can enter sensitive data so it’s extremely difficult for snoops to extract your passwords from keylogger files.

In her Aug. 6 Top Story, WS contributing editor Becky Waring reported that Google’s Gmail service allows hackers to try to guess your password 1,200 times per day. She provided some useful tips for making strong passwords that are easy to remember but hard to crack.

The bad news? Even the strongest passwords can be recorded by keyloggers. These are software and hardware products designed to capture computer events and store them in a log file.

Keyloggers can have legitimate uses in business, or they can be perverted into collecting passwords for identity theft. For more information on how these products work, see my Oct. 9, 2008 review of free software keyloggers.

UPDATE 2009-09-24: In his Sept. 24, 2009, Top Story, Scott Dunn provides more tips for avoiding keyloggers when using a public PC.

Windows’ On-Screen Keyboard app is also logged

If you’re using a computer you aren’t sure is keylogger-free, how do you protect any passwords to sensitive Web accounts you may need to access? A reader named Kenneth recently submitted the following suggestion:
  • “I use a simple existing tool in Windows called osk.exe (On-Screen Keyboard). This program, as you may know, resides in the C:WINDOWSsystem32 directory, but there’s no shortcut or link to it, so most people don’t know it exists! You can launch it by entering osk in the Run command.

    This article is part of our premium content. Join Now.

    Already a paid subscriber? Click here to login.

= Paid content

All Windows Secrets articles posted on 2009-09-10: