defeating keyloggers easily

Discussion in 'privacy general' started by danielspencer2, Jun 2, 2010.

Thread Status:
Not open for further replies.
  1. danielspencer2

    danielspencer2 Registered Member

    Jun 3, 2009
    if i had a password requirement where for users to log into my website they need to click on 3 correct TEXT names to login, will that defeat keyloggers? For example, there could be 5 TEXT names like this:


    The password could be users having to click on the TEXT name of Dog,Cat, and Bird to login.

    Will this defeat keyloggers as users are using their mouse to click on the TEXT names?
  2. hugsy

    hugsy Registered Member

    May 22, 2010
    Maybe the basic key logger, but if there is a click logger, then no. Plus only five options is a bit short, hacker would then have 20% chance of guessing the password in first try.

    I guess it would defeat key,click,clipboard-loggers if it was something like this (bare with me :)
    -on one side of the page there would be pet_names and random number generated next to it
    -on the other side of the page, there would be those numbers from the left and a check box next to every one of them.
    -so if my combination was "bird, mouse, horse", and some randomly generated numbers would be "22, 14, 9"; I would then check these numbers on the right an log-in button. This way, no keyboard logger would detect us, since nothing was typed, nothing in the clipboard, and click logger wouldn't know what are the "names" since the numbers are randomly generated every time and are far away from the check box.

    This help, let me know.
    Last edited: Jun 4, 2010
  3. katio

    katio Guest

    Some key loggers also take screencaps, if an attacker has access to a system there's no way to really hide something. The only way around this is something like a one-time password. Implementing it is hardly what you'd call "easily" though.
Thread Status:
Not open for further replies.