Email Best Practice #5

Nirav Ajmeri — Thu, 02 Apr 2009 10:22:14 +0000

Using public computers or even your friend’s laptop to check your emails can be lethal. Can you really trust them? Your friends might be more interested in knowing your secrets than someone else’s. Are you really sure that they don’t have ‘key logging’ software installed on their computers so they can replicate everything that you typed? Don’t trust them! And don’t rely on antivirus solutions either to detect the presence of malicious scripts that store scripts while running in the background. It takes no time at all to add an exception to the list of processes scanned by any particular antivirus solution, and thereafter the script can run safely without the antivirus software touching it – and it’s netted all of your passwords!

Best Practice: Avoid checking emails or using other password protected internet applications like Facebook or Orkut when using someone else’s computer. But what if you end up in a situation where you have no choice other than to use such a machine to locate an important piece of information in your mailbox? Here’s a tip. Make sure that you do not type in your password directly, but instead juxtapose a few characters using the mouse pointer.

For example, type the last few characters first, and then change the location of cursor using the mouse, or use the pointer to block previously typed characters and overwrite them, eventually leaving the characters of your password in their correct places – any key-logging software will pick up the wrong and much longer password. Be Prepared! Practice this technique using your own keyboard! Most key logging scripts do not have the intelligence to manipulate the position of your mouse pointer and hence you password might just remain safe.

Finally, make sure that you change your password immediately you have access to your own personal computer.

Web Coherence » key loggers

Email Best Practice #5