extra letters in typed password, a worthwhile endeavour?

1

I've heard a view quite frequently that key loggers can be beaten very easily by entering extra letters in your password then deleting these (by highlighting with the mouse and hitting delete key).

While this seems plausible, it seems to me that it wouldn't be overly hard for a key logger to overcome.

Is this actually safe advise in this day and age, given the increasing complexity of key loggers...or are there now loggers in the wild which can overcome this practice ?

Sirex

Posted 2012-08-21T01:26:16.213

Reputation: 10 321

Here is a list of all the inputs that a simple keylogger can track – Nate Koppenhaver – 2012-08-21T02:41:32.230

Answers

1

The keylogger would log that the delete key was pressed, which would tip off the attacker that something may have been modified.

Furthermore, if further captured text indicates that the login was successful, you've given the attacker the characters that your password is composed of. So you've made it MUCH easier for the attacker to brute force your password. So I would say no.

A software keylogger is likely monitoring and recording internal events generated by the operating system, possibly in addition to also monitoring physical I/O coming from PS/2 or USB ports. Couldn't defeat that with mouse highlighting either.

LawrenceC

Posted 2012-08-21T01:26:16.213

Reputation: 63 487

ok, well that makes sense, but does require human intervention and grey matter. I was half expecting loggers these days to be able to record which keys were removed, or also record mouse movements to the same effect. – Sirex – 2012-08-21T01:58:27.960

they probably could be made to do that, but what's the likely hood. A truely awesome keylogger I suppose would keep track of the active control, keyboard and mouse etc etc but this is all moot. If you have a keylogger on your system probably better to just do something about that – Ben Stephens – 2012-08-21T06:08:31.510

Asked: 2012-08-21T01:26:16.213

Viewed: 83 times

Active: 2012-08-21T01:40:46.087