Menu
Every security systems have its limits. I understand that hardware key logger cannot be beaten as it is connected to the hardware itself. Also it is not a concern at this point as most of the time it is used by programmers and ethical hackers to log themselves, on top of which most of the time cautious users will be able to visually identify any unwanted hardware (forget gov. agencies).
But as a developer it is often a concern to protect the user! So is it possible for me, as a programmer to integrate a layer of security in my windows form that will be able disable any active key logger/s (i.e. Software based) on user’s system, by implementing some kind of anti hooking trick? Plus most of the software key loggers now days support “Screen shots” is there any way to escape it?
717
I presume you are worried about users entering their credentials and them being captured.
If this is the case then you need to establish a method of ensuring any captured details are not of use.
A method employed by many banks, and even World of Warcraft now, is the use of a portable token generator. The user then enters their username, password, and typically a PIN displayed on the token generator. These PINs exist for only a few seconds and never repeat. This means the nefarious user who intercepts the credentials can not authenticate with them.
I have never used them, and have no idea how you would source them, but you can read about them here:
http://en.wikipedia.org/wiki/Security_token
It seems to me this is a better method than trying to stop a keylogger from attacking your application.
117
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
