Originally Posted by Scandalous
A simple and admittedly imperfect technique that will still fool most common key loggers is "mix up" your login and password. Say my login here is "scandalous" and my password is "password". I click the mouse cursor down to the password line and type "word" than click the mouse up to the username line and type "dalous" then click back down to the front of what I have already typed in the password line and type "pass" then click back up to the front of what I already typed in the username line and type "scan". The keyloger does not record the mouse clicks, only the keystrokes. So the keylog would read "worddalouspassscan". I suspect this would discourage most simple bad guys and they would quickly abandon trying to figure it out and go in search of easier targets. Perfect? No. But I bet it would confuse the bad guys most of the time.
Thanks! Ingenious solution. Another variant, for computers that still have a drives, is to keep passwords on a disk, then cut and paste them into user/password lines, as loggers wouldn't read the information being cut and pasted. Of course, if a program captured a screen shot, that wouldn't work. All of this is beyond me, so I just use email at Internet cafes abroad, and then I change my password the moment I return home.