Keylogging

I'm delving into an area I know little about: keylogging. The more I research it, the more I realize how important it is to us. It's basically a process where someone captures our username and password to a website. It could be an email account or a critical financial site. The advise I've gotten from everyone is that I shouldn't use a public computer to log into any important website; public computers are commonly infected with keylogging programs (programs that capture your usernames and passwords).

Here is an excellent article which explains what keylogging is and some ways to foil keyloggers. It's important to note that of all the research I've done I've read repeatedly that you are never safe from keyloggers, you can only minimize the chances of getting your usernames and passwords stolen. On this site they give you some basic techniques which may foil only the most rudimentary keylogging programs.

One program I use is KeyScrambler which was made specifically to foil keylogging programs. It works by encrypting your input at the keyboard driver level as it enters your computer and decrypts it at the destination application. Sounds good, but in researching its effectiveness, the critics say that if a program is written to do this, it wouldn't be hard for a keylogging program to capture the information before its encripted at the keyboard driver level or after its decripted at the destination level. They have a free basic version of it and a more complex pay version of it.

I don't have alot of faith in KeyScrambler so I'm now trying a combination of KeePass and KeeForm (both are open-source software where KeePass is the application program and KeeForm is an extension of this program). According to the forum on KeeForm (and other places I've searched), they generally say something like this: "KeePass will not prevent key loggers intercepting your keystrokes, but if used with KeeForm it will. KeeForm uses the COM interface of Internet Explorer to send login details without any keystrokes. Mind you, no secure transaction should be made on a compromised system." Follow these instructions for installation of the most recent version of KeeForm.

Since we carry our own laptop, I'm not quite sure of the risks involved but to be on the safe side we'll use KeeForm and KeyScrambler. I tried researching how safe we are when using our own laptop and connecting to public wifi but haven't come up with anything.

If we ever have to use a public computer I'll use KeyForm installed on a USB dirve and hope that the computer gives me access to the USB drive. If it won't I won't do any important transactions and will use the basic keyboard techniques to minimize any chances of getting our passwords stolen. Third world countries are notorious for being infected with keylogging programs so I'll have to be very careful.

Please let me know if you know of any other techniques for foiling keylogging programs.