Anti-keylogger program

[Deleted]

Hello,

I am as most users not using an authenticator but I'm still concerned about keyloggers. My idea is to create a program that types my password for me. Since the keylogger can only read keypresses/strokes (I'm assuming) I could make a program type in my password so that a keylogger wouldn't be able to figure out what it is.

I'll explain further:

Let's say my password is "password10"
I script my program so it types "word"
I then tell it to click so that the marker is in the beginning of the word
It then types "pass"
I tell the program to click so that the marker ends up at the end and tells it to type "10"

Technically, assuming the keylogger can't figure out where and how my mouse presses, it will read my password as "wordpass10" which is wrong.

Now, this example isn't very hard to figure out, but my plan is to make it complicated enough so that it is close to impossible/requires way too much work to figure out. This is also where I am stuck at this point.


Any math/script (or just a regular) genius that can help me out?

[Deleted]

Might add that the program/language I'm using is called "AutoIt" and is a freeware. I'll share my script with you when it's done so that anyone can use it

[Simca]

Might want to clear this with Blizzard as AutoIt can tie into WoW can then be used to create bots so it might be tracked by Warden.

[Deleted]

Even before logg-in (or during)? The program should terminate after finishing the sequence.

[Mjoedvitnir]

@dcemuser no. warden will not detect anything as long as it doesnt infiltrate any wow data. i use autoit since years for multiboxing, as well as 100s of other multiboxer.

@marest don't take the word "keylogger" too serious. software-keylogger can log every action you make (for example starting a program or script or mouseklicks with coordinates), not just on your keyboard. and i dont think you have to be worried about a hardware keylogger..

getting inflicted by a keylogger is an act of pure stupidity, even without an antivir software you wont get one if you dont click every link, open every email from adressers you dont know, use 5 year old never-updated programs or use "OLOL! THIS GETS YOU 23464362g PER HOUR"-scripts, hacks or bots. just be careful, read links you click (www.woww-europe.de, www.mmochampion.com - things like that.), dont click banners at all and simply dont be stupid, and you will never get anything like a keylogger.

[emosaurusrex]

Well, depending on how the keylogger worked that could or could not work.
Against a good keylogger that would not work, simply because all the actions would've been logged. (they can even watch you do it if it's less automated)

Against simpler, more basic keyloggers sure that would work. Anything aimed at targeting WoW passwords specifically it probably wouldn't work for.

In regards to copy and paste method, that wouldn't work either. All programs have access to the "clipboard" (where the copied string is saved) so that program could read it.

[Rohit]

send yourself an email from a non-wow computer or cell phone with your password. Save it under a word doc or notepad doc and copy paste it. No need for fancy programs and programming.

this is just epic fail, most keyloggers(if not every nowadays) record clipboard.

and ALL keyloggers that are made specifically for WoW do not record what you type in or what a program types for you but instead records what was written before you contacted the server

this means that no matter what you do nothing apart from an authenticator will work against a keylogger

[Deleted]

Thanks for the replys. I'll save my time scipting this then, i guess :P

[Sam]

I have a program like this.

It's called "Mouse" and it's used by not clicking on suspicious links. It generally comes with computers and works awesome.

[Taryble]

The only thing that prevents keylogging from working is not getting a keylogger. :P Even the "dumb" keyloggers track mouseclicks, windownames, cursor moves, etc. The 2nd best thing is a randomized password - this is what having an Authenticator provides.

[Bananengurke]

today's keylogger's definitely have your copied stuff saved, some even do screenshots of your shit

[bbr]

Hello,

I am as most users not using an authenticator but I'm still concerned about keyloggers. My idea is to create a program that types my password for me. Since the keylogger can only read keypresses/strokes (I'm assuming) I could make a program type in my password so that a keylogger wouldn't be able to figure out what it is.

Don't bother, because people would just label your tool as a keylogger as well.
Don't bother at all....

And yes keyloggers can log EVERYTHING.
Ctrl+C and Ctrl+V are keystrokes just as well.
As are calling rightclick +copy.

[phyrix]

this is just epic fail, most keyloggers(if not every nowadays) record clipboard.

and ALL keyloggers that are made specifically for WoW do not record what you type in or what a program types for you but instead records what was written before you contacted the server

this means that no matter what you do nothing apart from an authenticator will work against a keylogger

This.

Anything but an authenticator is doing nothing but giving you a false sense of security.

[Dorfie_Merged]

Anyone that doesnt use authenticator then why the hell not ?

it costs £0.50 for the mobile phone application which works on most phones
or £6.99 for the dongle - which came next day delivery for me from germany !!

its the greatest thing ever - i use curse updater and i know some addons get hacked and have hidden loggers but the fact you have a authenticator means no matter what they aint getting in to your account;

[Deleted]

Keyloggers (Very inaccurate name) have the potential (But might not all do it, it really varies) to log everything from the keys you press to what's on your screen. Should a malicious program be preprogrammed to look for such macroing programs (Basically what you asked for, to temporarily control your keyboard/mouse) then it wouldn't even have to wait for you to type the password, as you've stored it in a nice handy format buried inside the settings for that other program just waiting to be read.

Copy and pasting is also a big no-no, as that's even easier to read. If you copy your password, every other program has unrestricted access to your clipboard, and you've just given them all your password.

The best prevention against keyloggers is a safe mind, there are many guides floating around on how to keep yourself safe that don't rely on more software; Authenticators are great but please don't just rely on them alone. They should be a last line of defence, otherwise if someone manages to successfully keylog you then I hope you have an authenticator for all your other online services (Email, bank account, paypal, MMOC account, etc)