My Own Tip: How To Keep Your Passwords Safe from keyloggers or spyware

[dungsport 0]

Hi everyone, I haven't posted on Xisto for a long time. Now thinking of contributing to this forum some good tips and tutorials (not crap posts or non-sense discussion).

 

This is my own tip for you to keep your passwords or secret numbers (like Credit card number) safe from keyloggers or spywares installed on you system, which you may not be aware of them.

 

Some may find this useful, some may think it's crap but I'm sure that it should be helpful for people who dont know much about computer's viruses/spyware...

 

This tip only prevents giving your passwords to keyloggers or spyware that record what you type on the keyboard. It may not work with software that records your screen.

 

You know when you open your email or do internet banking or make online purchases, you need to pass some identification processes like logon with your username and password, or enter your credit card number and expired date, so on...

 

Keyloggers/spyware will record continuously what you type. So, basically people type in their precious information from left to right. Hackers read the logs from left to right too. So, .... you know what would happend.

 

My tip is: when you have to enter your secret information on the net or anywhere else, dont type it in the order that everyone can read and combine using keyboard and mouse. Have a look at following example:

Let say your creditcard number is 123456789101112

You may enter 451012

Use the mouse to move the cursor to the beginning of the text and enter 1234 (remember: dont use arrow keys cause they could be recorded, mouse movement can be recorded too but only coordinates, it doesnt tell exactly whereabout it is)

Then click the mouse in between 45 and 10 => 45|10, and type in 11

Then click the end of the text and type in 12

You may not believe this tip but you can try. Download one of the keylogger and see the log. The logs will have some thing like 45101212341112, which is useless.

 

You could do the same for your password. In this case you have to remember what and where you typed in cause your password will be all asterisks.

 

To sum up, the more complicated you enter your infor, the harder people could get it. And to reduce the risk of incorrect password input, make a rule for entering your password and use it regularly.

 

I hope you guys understand the idea of doing this.

[Dream1405241490 0]

ah if you are really that paranoid about it, or just wanna keep safe, you could also take out the on screen keyboard and go clicky in your password thus the keylogger would not be able to get anything.Another tip I like is that if you tend to forget your pass, write it on your phone/phone book, don't make it obvious like PASS = 45684153 (Random numbers not my pass heh)instead write Paul S. Simons (Pass see?) Number 45684153 or if its words make up a street/memo or w/e, hope this also helps.Dungsport, your tips is pretty cool, I never thought it that way, heh

[miCRoSCoPiC^eaRthLinG 0]

Hehe.. both of you great tips - both simple but almost 100% effective against keyloggers. They can log keys really well - but can't discern a damned thing from mouse positions - unless it's logging snapshots of your screen too. Then, my friend, you're in serious trouble. Ghost keylogger is quite capable of doing that - and so are another 10-15 of them in the same bandwagon. A Funny Fact: My Antivirus (Bitdefender Pro 8) detects Ghost Keylogger Installer .msi as a trojan.. lol.. and thus has put it in quarantine - barring me from playing pranks on my friends Btw, these keyloggers produce some amazing results, huh ? When I joined my university, I got the account logins of almost all the students (school accounts, hotmail, yahoo etc.) - all of them within 3 days flat. Flip-side: I'd to sit through and repeatedly search for the phrases "Login" & "Pass" in over a GB of combined log files.. urgggh !!

[dungsport 0]

Haha, when I was writing this I thought people would say "Oh, it's not worth for a go". Uhm, people usually tell me that if you dont do it, you dont know what people would think.@Dream, i had that idea in mind (about on screen keyboard) but I would not suggest it if I were you. On screen keyboard, in another way, it works similarly to physical keyboard. So? keyloggers can hook it to the keyboard events. I reckon, it may not be right, :rolleyes:Anyway, it's useful, right? I've never posted this idea anywhere else but Xisto. Just for your special work, Xisto ppl. Keep it up and do the right things,Thanks again,