Re: a dumb question: on-screen keyboard...
Keyloggers run on individual machines, not on entire hotspots. The session
between a workstation and the bank's web server is protected with SSL. So if
someone were sniffing traffic from the hotspot, your password would be
protected. However, if you were using some kiosk computer (rather than your
own), then it is possible that keylogging software on that machine could
intercept your password before it gets passed to the SSL encryption. I never
worry about hotspots, because I always use only my own laptop. I do, though,
worry a bit about kiosks.
Onscreen keyboards really don't help here. Sure, they can thwart keyloggers,
but what about screen recorders? What about rootkits or trojans (again,
installed on a kiosk) that can hijack a session after login happens? Public
machines simply present too many risks.
--
Steve Riley
steve.riley@microsoft.com
http://blogs.technet.com/steriley
http://www.protectyourwindowsnetwork.com
"David" <david@invalid.com> wrote in message
news:57WdnX9LFOxh3HTbnZ2dnUVZ_hKdnZ2d@comcast.com...
> would using an onscreen keyboard to type in passwords when on a wifi
> hotspot avoid capture by keylogging programs? reason i ask, i was just
> reading a Norton email about password security and they mentioned that one
> shouldn't log in to a bank site when on those hotspots due to possible key
> loggers.
>
> Dave