
Ask HN: How to protect yourself against keyloggers? - drexlspivey
While I am by no means a security expert, I try to follow good security practices as much as I can. I use unique passwords with a password manager, I use SSH keys for logging in to any remote machine and I use PGP to encrypt any sensitive files on my machine.<p>However none of these will protect you against a keylogger. Ultimately your keys&#x2F;passwords will be protected by a password. I understand that if your system is compromised it&#x27;s pretty much game over, but what are some good practices to protect yourself against a keylogger?
======
elfuego
One reasonable practice can be to use multi factor authentication when gaining
access to services that you use, MFA will allow you to take advantage of one
time passwords coupled with unique passwords managed by a password manager.

------
airstrike
On a related note, what's the best way to test if my mechanical keyboard from
China isn't logging everything I type and selling it to the highest bidder?

~~~
hluska
The 'best' way is to carefully log all of your network traffic and investigate
any weird outbound traffic. There are automated tools that can help with this,
but at the end of the day, you're going to be going through individual
outbound connections and figuring out what's sketchy versus what's okay.

This gets really complicated because it's very easy for skilled people to hide
data in legitimate looking data transfers.

~~~
nuclx
The keyboard itself won't be able to send anything over the network. A
malicious keyboard driver could, but it doesn't have anything to do with the
hardware component. Well, technically the keyboard could broadcast the
recorded keystrokes via WiFi or Bluetooth granted it has additional hardware
built-in, but that would make things significantly more difficult for the
attacker.

~~~
jpl56
Then the secure behaviour would be to refuse installation of any driver but
the standard ones. Is it possible?

------
lun4r
use zero-width characters in your passwords to fool the attacker ^_^

~~~
borplk
In all seriousness I think many applications wont handle that correctly and
you will probably lock yourself out a lot.

