Do password managers stop keyloggers ?

jetman · Aug 12, 2017

My question is whether using a password manager would prevent a keylogger from stealing passwords.

I thought that as a password manager pastes the passwords directly into your browser then it wouldn't give much chance for a keylogger to record keystrokes or copy things from the system memory.

Any thoughts about this ?

Thanks.

TairikuOkami · Aug 12, 2017

Anti Clipboard Logger | SpyShelter Anti-Keylogger

And as mentioned above, Keepass scrambles passwords while auto-typing, that is a great feature, better than copy/paste.

Two-Channel Auto-Type Obfuscation - KeePass + other features - Security - KeePass

jetman · Aug 12, 2017

Thanks guys-
I have sticky password- does that do the same job ?

Windows Defender Shill · Aug 12, 2017

Can't beat the good old fashion real life note pad.

Unless someone breaks into your house and steals it.

At which point in my domain they will meet 11.43×23mm 230 grain Medal jacketed Hollow Point +P Hornady rounds

Atlas147 · Aug 12, 2017

crezz said:
My question is whether using a password manager would prevent a keylogger from stealing passwords.

I thought that as a password manager pastes the passwords directly into your browser then it wouldn't give much chance for a keylogger to record keystrokes or copy things from the system memory.

Any thoughts about this ?

Thanks.

The idea is there, but if the keylogger is able to steal clipboard information then it would render your method useless too

shmu26 · Aug 12, 2017

What about lastpass and keyloggers?

509322 · Aug 14, 2017

crezz said:
My question is whether using a password manager would prevent a keylogger from stealing passwords.

I thought that as a password manager pastes the passwords directly into your browser then it wouldn't give much chance for a keylogger to record keystrokes or copy things from the system memory.

Any thoughts about this ?

Thanks.

When dealing with a pure keylogger, it cannot log what isn't typed. Password managers fill forms so there is no keystrokes. No typing is part of the rationale for virtual keyboards of various types. The answer is yes against a pure keylogger.

509322 · Aug 14, 2017

shmu26 said:
What about lastpass and keyloggers?

See my answer immediately above.

shmu26 · Aug 15, 2017

Lockdown said:
See my answer immediately above.

Problem is with financial sites, where careful users have their password manager set up to prompt for master password. So I guess we are back in the hands of the keyloggers, at that point.

SHvFl · Aug 15, 2017

shmu26 said:
Problem is with financial sites, where careful users have their password manager set up to prompt for master password. So I guess we are back in the hands of the keyloggers, at that point.

2 step authentication and who cares if they steal your master password. I can pm you my password but it has no use to you because you would need to step my authenticator first in order to get in. So the scenario that they get your master password is still not as scary as them getting your passwords. It has almost 0 downside especially considering that you will get an alert and change your password if you have an ounce of brain.

509322 · Aug 15, 2017

shmu26 said:
Problem is with financial sites, where careful users have their password manager set up to prompt for master password. So I guess we are back in the hands of the keyloggers, at that point.

It requires both user understanding and fastidious\meticulous adherence to the steps required to avoid a leakage. It's better to just use an anti-logger; less opportunity for a user mis-step that results in a leak. And better yet is if you block by default. Solves that keylogging issue real fast.

jetman · Aug 16, 2017

Does Kaspersky Internet Security have a built in keylogger ?

shmu26 · Aug 16, 2017

SHvFl said:
2 step authentication and who cares if they steal your master password. I can pm you my password but it has no use to you because you would need to step my authenticator first in order to get in. So the scenario that they get your master password is still not as scary as them getting your passwords. It has almost 0 downside especially considering that you will get an alert and change your password if you have an ounce of brain.

Practically speaking, 2 step authentication usually requires that you have a device in your pocket that can receive text messages, and that you have decent cellular reception.

crezz said:
Does Kaspersky Internet Security have a built in keylogger ?

It has a keystroke encryptor. It self-activates when you fill in login details on a website, as long as you have the Kaspersky browser extension installed and enabled.

But it is not clear to me whether it encrypts when entering the master password in LastPass.

SHvFl · Aug 16, 2017

shmu26 said:
Practically speaking, 2 step authentication usually requires that you have a device in your pocket that can receive text messages, and that you have decent cellular reception.

No it doesn't. Most of this authenticators work with an application and not sms(both google and lastpass that can be used). So as long as you periodically have signal or internet for the time to be accurate you are game on.

Search

Do password managers stop keyloggers ?

jetman

Level 10

TairikuOkami

Level 36

jetman

Level 10

Windows Defender Shill

Level 7

Atlas147

Level 30

shmu26

Level 85

509322

509322

shmu26

Level 85

SHvFl

Level 35

509322

jetman

Level 10

shmu26

Level 85

SHvFl

Level 35

Similar threads