I want to credit member, Nuvo, for his contribution to this advice:
There's no virus that scares me as much as Keyloggers do. A keystroke logging trojan is installed using a virus (or worm). This trojan will keep of a record of your keystrokes. It logs, or traps each and every key that you press on your keyboard.
There are some keyloggers which can’t distinguish between the small letter and the capital letter. It then encrypts the stolen login/password pairs using the public key of the trojan author and can covertly email the hacker that created the Keylogger. There are also hardware keyloggers but most people don't have to worry about those type.
Most people have at least some of their passwords the same so it is easy to see how devastating a Keylogger can be. Their Paypal, Bank account, email, and anything they do online can be tracked along with the passwords so the hacker has a history of the user's online movements and will know where to quickly go once he has your login/password.
What then can you do to beat a Keylogger? Unfortunately there is no easy way to prevent a Keylogger. There's the obvious things like use different passwords for your important accounts. Use common sense and always double check on the programs you have installed. observing the programs which are installed. Remember to enable firewalls and anti-spyware programs.
Here's the secret I've learned to do and I have yet to have it fail. When I first buy a computer, and have run all my virus/spyware checkers to be sure it is clean, I save a file of all my passwords on a USB thumb drive to store it, so that it's not available when you're not using it. On this file I use encryption such as SHA1 or Twofish . If I'm using logins and passwords I simply cut/paste the login/passwords. A keylogger can't report this cut/paste information so I've beaten the keylogger.
Comments
There's only a few apps like jEdit which don't use a standard clipboard, but this also means no copying from jEdit to other apps (stupid Java :[).
With the USB drive, the file isn't always on your PC, so it's only accessable when you plug the thumb drive in and it gets mounted by the OS (assuming it's auto-mounted).
The best way I can think of storing passwords is via a password manager which will encrypt passwords it stores without any copying and \ or pasting.
Usually, these will store the encrypted data in a small database and will pull it up and decrypt it when you open a site that you have a password for.
Then the browser can do it's usual auto-insertion trick and off you go.
Most browsers have this ability built in, though I never quite trusted the Internet Explorer implementation.
Firefox can do this and it will let you set a master password, which is required to work with existing passwords (if it isn't set, you can view all known passwords in the preferences wizard).
Current project: CMS Object.
Most recent change: Theme support is up and running... So long as I use my theme resource loaders instead of that in the Rails plug-in.
Release date: NEVER!!!