Using Public Computers ? Protect Your Passwords from Keyloggers and Hackers

If you use a public computer or an internet cafe for checking emails or browsing the web, make sure that there aren’t any Keylogger programs running. These Keyloggers can record what you type and send the key strokes to an email address or upload a text file to an FTP server.

What is a Keylogger and How It works ?

A Keylogger is a software application that can be used to track and record what you type in the computer keyboard. Typically, Keyloggers are installed in corporate offices so that  employees can be tracked and seen what websites they are visiting and how they spend time on the computer.

A Keylogger runs in system’s background and it is programmed to track and send whatever you type in the keyboard. The data can be sent to an email address as a text file or can also be uploaded via FTP server.

Where Lies the Threat ?

The threat lies if the computer has Keylogger running and you are opening your email account, social profiles in that computer. Guess what can happen? The Keylogger will record your username as well as the password and may upload the text file to FTP or send it to an email address. Your email accounts or other crucial information are at a risk.

How to avoid Getting Hacked by Keylogger Programs ?

Following are some of the techniques to deal with Keylogger programs:

Option A – Use your own computer for all your Work and set a master password

The best solution is using your own computer for all types of work. Set a Master password and don’t allow anyone to access your computer in your absence. This makes sure nobody can play with your system and install malicious software or scripts.

To set the master password, restart your computer and hold down the F8 key. This will open the “Boot options” panel. Go to “Security” and choose a “Master password” for your computer.

The advantage of using a master password is that the computer asks for the password before booting and it’s much safer than normal operating system passwords (which can be bypassed by another administrator account in some cases.)

Option B : Forward all your Emails to a Secondary Email account you own

You can forward all your emails to a secondary email account and use that account for checking emails and replying to them. Even if  you are checking your emails on a public computer and the Keylogger software is running in the background, you need not worry. Check your emails, reply to them and delete any sensitive data or information.

The hacker can hack your secondary email account but not your primary one. The primary email will still contain all the information so you can safely clear the inbox of the secondary email account. When someone opens your email account by retrieving the password from the Keylogger data, he will see nothing .

Option B : Create  one time password codes for all your Email accounts / Websites / Social profiles

The idea behind generating one time password codes is that you can sign in to your account using that code. After you sign in, the code is destroyed. If someone gets access to your code via the Keylogger program, he won’t be able to access your email account as the code is  already destroyed the moment you signed off.

KYPS is a website where you can generate one time password codes for your email accounts. You can get a PDF copy of all the password codes ( 40-200 in number) and use them check emails on public computers.

These codes are self destroyed after first time usage. Currently works with Gmail, Hotmail, Yahoo Mail, WEB.DE, GMX and My Space. Thanks jeetblog.

Option C: Check computer for installed Keylogger programs

You can check a computer for installed keyloggers by scanning the system with a strong Antivirus program (e.g Kaspersky). But it is foolish to think that the person who has installed a Keylogger would have installed an antivirus or a firewall. Furthermore, you might not have administrative privileges so installing an antivirus program on your own is ruled out.

If you get lucky, try SnoopFree and KL detector – two well known Keylogger detector programs.  In my opinion, this idea won’t work anyway but still why take a chance?

What do you do to fight Keylogger programs? Let us know your ideas in the comments.

Case Study: I lived in a college hostel for about two years. Every other day, hostel geeks used to play pranks on each other using Keyloggger programs, scripts etc. One of my friends did the same thing with me while I checked my social accounts on his computer. Now I have an answer, right?