Consumer Keystroke Logger

Have passwords just been rendered unsafe for enterprises because of this? Keystroke loggers have been discussed in security circles for a while now but this is different. Previously you needed admin access to the box, or you had to physically hack into the keyboard internals.

If I understand the description, for just $200 someone with no particular computer expertise can discover any password typed into a specific computer. All he needs is unsupervised access to the physical box. Anyone who can enter a workplace off hours, or just be the first or last one there, can easily install this on a computer and start collecting passwords.

I can’t see any real defense for this while relying on passwords alone. The only defense I can think of is to add OTP or Biometric authentication to all office computers. Given all the issues around biometrics, an OTP is probably the best option.

One could even suspect EMC of being secretly behind this. Just kidding. Sort of.

No, really, I’m joking.

(Mirrored from TalkBMC)


One response to “Consumer Keystroke Logger

  1. In fact, you can rely on passwords if you use strong protecting software. To deal with keyloggers (programs that intercept your passwords and other sensitive information) I use Anti-Keylogger from Raytown Corp. Pleased so far.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s