Do you know if a keylogger can read a password that Roboform2go fills in
that is displayed only as dots on a site’s web page?
In this excerpt from
Answercast #56, I take another look at keylogging software and what it may
be capturing from an infected machine.
Become a Patron of Ask Leo! and go ad-free!
What keyloggers can see
Do I know for certain? No. The fact is that keyloggers should more correctly
be considered to be “activity” loggers.
A couple of things are going on here. One is: just because something is
displayed as dots doesn’t mean that the keystrokes weren’t given to the system
Dots are common; that’s typically how Password fields (the fields into which
you type your password) will display the characters that you’ve typed in. They
do that so that somebody walking by can’t see your password on the screen:
they’re replaced by asterisks or dots.
How is the activity entered?
Now, is Roboform2go entering keystrokes? I don’t know. Are they bypassing
keystrokes and doing something else fancy?
But you know what? It doesn’t matter.
If you’ve got keylogging software on there, it could be logging
anything! It could be logging all of the techniques that RoboForm or
any other password software could be using. It could log any of that. And it
could capture any of that.
A keylogger is malware
They can log your activity.
They can know what keystrokes were hit.
They can know what was on the screen.
They can know what was pasted in through the Clipboard.
They can know what was passed in under the table using backhanded Windows
APIs that maybe some of these password utilities try to use to avoid common
You just don’t know. It is very possible that regardless of what techniques
this password utility uses it could still be logged regardless of how it
bypasses the keyboard and what’s displayed on the screen.
If you can’t trust the machine you’re about to enter a password on (and it
doesn’t matter how you enter it), then you probably shouldn’t enter your
password! There are too many ways that it can still be recorded.