
Can a keylogger record keystrokes pasted in by my password utility?

Do you know if a keylogger can read a password that Roboform2go fills in
that is displayed only as dots on a site’s web page?

In this excerpt from Answercast #56, I take another look at keylogging software
and what it may be capturing from an infected machine.


What keyloggers can see

Do I know for certain? No. The fact is that keyloggers should more correctly
be considered to be “activity” loggers.

A couple of things are going on here. One is: just because something is
displayed as dots doesn’t mean that the keystrokes weren’t given to the system
as keystrokes.

Dots are common; that’s typically how password fields (the fields into which
you type your password) will display the characters that you’ve typed in. They
do that so that somebody walking by can’t see your password on the screen:
the characters are replaced by asterisks or dots.

How is the activity entered?

Now, is Roboform2go entering keystrokes? I don’t know. Are they bypassing
keystrokes and doing something else fancy?

But you know what? It doesn’t matter.

If you’ve got keylogging software on there, it could be logging
anything! It could be logging all of the techniques that RoboForm or
any other password software could be using. It could log any of that. And it
could capture any of that.

A keylogger is malware

The bottom line is…if you’ve got a keylogger on your machine, you’ve got
malware on your machine and malware can do anything:

  • They can log your activity.

  • They can know what keystrokes were hit.

  • They can know what was on the screen.

  • They can know what was pasted in through the Clipboard.

  • They can know what was passed in under the table using backhanded Windows
    APIs that maybe some of these password utilities try to use to avoid common
    keystroke loggers.

You just don’t know. It is very possible that, whatever techniques this
password utility uses, the password could still be logged, regardless of how
the utility bypasses the keyboard and what’s displayed on the screen.

Internet safety

If you can’t trust the machine you’re about to enter a password on (and it
doesn’t matter how you enter it), then you probably shouldn’t enter your
password! There are too many ways that it can still be recorded.


1 thought on “Can a keylogger record keystrokes pasted in by my password utility?”

  1. Another way to explain it (overly simplified), is when you hit a key, it is put in a buffer in memory – that is why you can type ahead. Think of it as a tube. You are throwing characters in one end – by keyboard, or copy/pasting or through some other 3rd party software like Roboform2go. Programs (like email, Word, games …) know where the buffer is, and are waiting at the other end of the tube, and grabbing the characters as they come out. Keyloggers know where that buffer is also, and all they are doing is recording what is entering into the tube. If Roboform2go is entering passwords, it is most likely sending them into the tube just as if you were typing it on a keyboard.
