Keystroke logging (often called keylogging) is a diagnostic used in software development that captures the user's keystrokes. It can be useful to determine sources of error in computer systems and is sometimes used to measure employee productivity on certain clerical tasks. Such systems are also highly useful for law enforcement and espionage, for instance, providing a means to obtain passwords or encryption keys and thus bypassing other security measures. However, keyloggers are widely available on the internet and can be used by anyone for the same purposes.
Keystroke logging can be achieved by both hardware and software means. Hardware key loggers are commercially available devices which come in three types: inline devices that are attached to the keyboard cable, devices which can be installed inside standard keyboards, and actual replacement keyboards that contain the key logger already built-in. The inline devices have the advantage of being able to be installed instantly. However, while they may go unnoticed for quite some time, they are easily detected visually upon closer inspection. Of the three devices available, the most difficult to install is also the most difficult to detect. The device that installs inside a keyboard requires soldering skill and extended access to the keyboard to be modified. However, once in place, this type of device is virtually undetectable.
Writing software applications for keylogging is trivial, and like any computer program can be distributed as a trojan horse or as part of a virus or worm. What is not trivial however, is installing a keystroke logger without getting caught and downloading data that has been logged without being traced. An attacker that manually connects to a host machine to download logged keystrokes risks being traced. A trojan that sends keylogged data to a fixed e-mail address or IP address risks exposing the attacker.
Constantly observe the programs which are installed on your machine. Also, be aware of devices connected to PS/2 and USB ports since they can be used to secretly install a keylogger and then removed (along with your data) by the perpetrator.
Anti-spyware applications are able to detect many keyloggers and cleanse them. Responsible vendors of monitoring software support detection by anti-spyware programs, thus preventing abuse of the software. Enabling a firewall can protect you from keyloggers that are spread by viruses and worms.
Network monitors (also known as reverse-firewalls) can be used to alert you whenever an application attempts to make a network connection. This gives you the chance to prevent the keylogger from "phoning home" with your typed information.
It used to be widely believed that copy-n-pasting your passwords would help protect you from keyloggers. This is not true as keyloggers can easily record everything that is placed into the clipboard.
Automatic form-filling programs can prevent keylogging entirely by not using the keyboard at all. Form fillers are primarily designed for web browsers to fill in checkout pages and log users into their accounts. Once your account and credit card information has been entered into the program, it will be automatically filled for you without ever using the keyboard or clipboard, thereby negating any possibility of your data being recorded.
It is important to generate passwords in a fashion that is invisible to keyloggers. Using a browser integrated form filler and password generator is therefore the key. There are programs available for Windows and Mac that do exactly this. Both of these programs can generate and fill passwords without ever using the keyboard or clipboard.
It is sometimes said that an on-screen keyboard is a good way to combat keylogger, as it only requires clicks of the mouse. However, this is not true, because a keyboard event message must be sent to the external target program to type text. Every software keylogger can log the text typed with an on-screen keyboard, and additionally, some programs also record or take snapshots of what is displayed on the screen.
The web-based on-screen keyboard may provide some degree of protection. At least some commercial keylogging programs do not record typing on the web-based virtual keyboard. However, the keylogging software can take screenshots.