What is 'Keyboard Logger'

A keyboard logger is hardware or software that records every keystroke on a computer, usually for nefarious purposes and without the user’s knowledge. Keyboard loggers can be used to collect all kinds of sensitive information, including personally identifiable information (PII), passwords, intellectual property, and trade secrets. They can also be used to record email messages, online chats, usernames and passwords.

BREAKING DOWN 'Keyboard Logger'

Keyboard loggers are often used for criminal purposes, like stealing passwords or credit card information from the device users. However, some companies may use keyboard loggers for legitimate IT purposes, such as trying to prevent sensitive company information from being leaked. They can by organizations to troubleshoot technical problems with computers and business networks; they can also be used by a business to monitor the network usage of people without their direct knowledge; and they can also be used by families as part of parental controls.

Keyboard Logger Capabilities 

When installed on a device, keyboard loggers can:

  • save any passwords entered by users on the device
  • take screenshots of the device periodically over time
  • capture logs of all instant messaging conversations and sent emails 
  • save a copy of the computer user's web search history 
  • save a copy of the list of the applications used
  • automatically send the reports containing stored logs and emails 

Examples of Keyboard Logger Attacks

A hardware keylogger can be a barely noticeable device that connects the hard drive’s USB port to the keyboard’s USB cord. This type of keyboard logger was used to commit a serious crime in 2013. A county sheriff installed a keylogger on his ex-wife’s work computer because he wanted to capture her information. If he got caught – and he did – his action would have been a problem regardless of where she worked, but since she worked for the state supreme court, he was found guilty of a federal wiretapping charge.

Another example of a hard-to-detect keyboard logger came out in 2014. KeySweeper is a $10 device that looks like a typical USB phone charger but can pick up keystrokes from the radio signals transmitted by wireless Microsoft keyboards and transmit that data via cellular network. The logger doesn’t interact with the computer itself, making it difficult to detect. A wireless keyboard would have to encrypt the data transmitted between itself and the computer to prevent this type of sniffing attack. A keyboard that uses the Advanced Encryption Standard (AES) would be protected against this type of threat. While AES keyboards are not foolproof, they help deter data theft by using firmware that blocks access to the keyboard’s secret encryption key as well as random data generators and unique transmission identifiers.

Example of Using Keyboard Logger Positively 

Windows 10 has a feature that some news outlets have erroneously reported as a keylogger. It’s a setting that is enabled by default but that users can turn off in their privacy settings. It says “Send Microsoft info about how I write to help us improve typing and writing in the future.” Further in the “speech, inking, & typing” section of Windows 10’s privacy settings, there is an option to allow or disallow Windows and Cortana to “get to know your voice and writing to make better suggestions for you,” which includes collecting your typing history. Microsoft says these features are used to improve consumers’ experience with using Windows. It is not designed to collect personal information or to use it for malicious purposes but to improve product development. Microsoft uses safeguards to protect users’ information collected through these means.

That being said, accidental disclosure of collected information is possible, and users who are concerned can easily opt out. Nefarious keyboard loggers do not tell users about their existence or allow them to opt out.

RELATED TERMS
  1. All-in-on (AIO) PC

    All-in-one PCs (AIO PCs) are desktop computers which integrate ...
  2. Cloud Computing

    Cloud computing is a model for delivering information technology ...
  3. Advanced Persistent Threats (APT)

    An Advanced Persistent Threat (APT) is a large-scale, sophisticated, ...
  4. Tor

    Tor is an open source privacy network that permits users to browse ...
  5. Banker Trojan

    A malicious computer program designed to gain access to confidential ...
  6. Data Breach

    A data breach is an unauthorized access and retrieval of sensitive ...
Related Articles
  1. Personal Finance

    Steve Jobs' 10 Most Innovative Creations

    Steve Jobs was a brilliant CEO and a visionary. These are some examples of his most innovative creations.
  2. Insights

    Detailed Ways to Protect Digital Data

    Knowing how to protect digital data has become a big concern these days. Here are four easy ways to keep your personal information safe.
  3. Insights

    BlackBerry and Nokia Attempt Comebacks With Some Throwbacks

    The new phones were unveiled over the weekend at the Mobile World Congress in Barcelona.
  4. Investing

    Beginner's Guide To The Bloomberg Terminal

    Find out how to use the Bloomberg terminal computer system to trade stocks.
  5. Tech

    Cybersecurity: Stay Safe Online With These Tips

    No one can guarantee that any of us are 100% safe from cyber and identity related crimes, but we can make ourselves less of a target. Here's how.
  6. Tech

    Passwords Are Obsolete, Get With the Blockchain

    Blockchain technology could provide a better alternative to memorizing long, confusing, and easily forgotten passwords.
  7. Tech

    7 Cybersecurity Tips to Protect Your Finances

    These seven cybersecurity tips will help protect your finances from online fraud and hacking.
  8. Tech

    Strategies Advisors Can Use to Avoid Cyber-Attacks

    Cybersecurity is a growing concern for all entities. Financial advisors can avoid problems by being vigilant with these tested tips.
  9. Investing

    Microsoft Blocks Latest Windows 10 Update

    Microsoft is running into trouble with the latest version, prompted MSFT to block its own update.
RELATED FAQS
  1. How do Internet companies profit if they give away their services for free?

    Learn how companies in the Internet sector make a profit when service, content and user applications are offered at no cost ... Read Answer >>
  2. Why Did Microsoft Face Antitrust Charges in 1998?

    Discover why the Department of Justice filed antitrust charges against Microsoft back in 1998 over alleged monopolistic actions ... Read Answer >>
  3. Why is Average Collection Period important to a company?

    Discover why the average collection period can be a particularly important accounting ratio for a company that relies heavily ... Read Answer >>
Hot Definitions
  1. Compound Annual Growth Rate - CAGR

    The Compound Annual Growth Rate (CAGR) is the mean annual growth rate of an investment over a specified period of time longer ...
  2. Net Present Value - NPV

    Net Present Value (NPV) is the difference between the present value of cash inflows and the present value of cash outflows ...
  3. Price-Earnings Ratio - P/E Ratio

    The Price-to-Earnings Ratio or P/E ratio is a ratio for valuing a company that measures its current share price relative ...
  4. Internal Rate of Return - IRR

    Internal Rate of Return (IRR) is a metric used in capital budgeting to estimate the profitability of potential investments.
  5. Limit Order

    An order placed with a brokerage to buy or sell a set number of shares at a specified price or better.
  6. Current Ratio

    The current ratio is a liquidity ratio that measures a company's ability to pay short-term and long-term obligations.
Trading Center