Is copy+pasting passwords safer than a keyboard input?

[jko]

When I log on to internet banking etc., I normally copy and paste half of my password, and complete the remainder with the keyboard. Does anybody know if this is any safer than a straight keyboard input?

 

 

Edited August 5, 2016 by jko
clarity

[fishbrando]

https://ask.slashdot.org/story/08/04/23/2336200/best-way-to-avoid-keyloggers-on-public-terminals

 

Selected quote:

 

Quote

The problem with this is that any capable keylogger catches it. In fact, all the good keyloggers catch all Copy/Paste commands, and even the input from Windows+U 'Virtual Keyboard.' A good solution would be to type your password backwards. After ever letter, use the mouse, not the keyboard, to select before the asterisk you just made, and type the next (previous) letter.

 

[fishbrando]

It is best if your internet banking supports some sort of two-factor authorization.

[williamgeorgeallen]

i do the same as i had 7000aud stolen from me online a while back. there used to be ways hackers could record your key strokes  wonder if some one could tell us if it is better to cut and paste.

 

[12DrinkMore]

Bangkok Bank has prevented cutting and pasting.

 

Have to use the keyboard.

 

[12DrinkMore]

13 minutes ago, williamgeorgeallen said:

i do the same as i had 7000aud stolen from me online a while back. there used to be ways hackers could record your key strokes  wonder if some one could tell us if it is better to cut and paste.

 

 

There must have been a destination bank account and a trail. Even to set up the transfer I would need to enter a code sent by SMS to my phone.

 

So how come the bank could not get the money back?

 

(I would have received an email on login and an SMS message if a transfer had been made)

 

 

[williamgeorgeallen]

12 minutes ago, 12DrinkMore said:

 

There must have been a destination bank account and a trail. Even to set up the transfer I would need to enter a code sent by SMS to my phone.

 

So how come the bank could not get the money back?

 

(I would have received an email on login and an SMS message if a transfer had been made)

 

 

happened about 13 years ago. money went to england into an account with an indian sounding name. i just got a police report and the bank paid me back. i was pretty upset at the time but it was all ok in the end.

[12DrinkMore]

6 minutes ago, williamgeorgeallen said:

happened about 13 years ago. money went to england into an account with an indian sounding name. i just got a police report and the bank paid me back. i was pretty upset at the time but it was all ok in the end.

 

Lucky, I suppose.

 

Money could have ended up in a less user friendly country.

 

[DaveBKK]

Here's a trick that's better than nothing. Paste/type in a password with a set number of junk characters before AND after the pw. Like this: dicfikfkfPASSWORD847477

 

Highlight with the mouse the first 8 characters and delete. Then the last 5 or whatever and delete. Remaining left is your "password". Enter. 

[manfredtillmann]

one of my bank's password is entered by 'clicking' on an on - screen keyboard. and my kaspersky anti - virus software (when i was still with windows), offered me a safe banking window with a virtual keyboard.

[Craig krup]

Download Trusteer's Rapport, if your bank supports it: it scores very highly for preventing most attacks. I then also do random junk followed by deletes for all the account number stuff, and every institution I deal with has a floating key pad where you select the numbers from a drop down menu.

[Craig krup]

Download Trusteer's Rapport, if your bank supports it: it scores very highly for preventing most attacks. I then also do random junk followed by deletes for all the account number stuff, and every institution I deal with has a floating key pad where you select the numbers from a drop down menu.

[Craig krup]

Download Trusteer's Rapport, if your bank supports it: it scores very highly for preventing most attacks. I then also do random junk followed by deletes for all the account number stuff, and every institution I deal with has a floating key pad where you select the numbers from a drop down menu.

[12DrinkMore]

39 minutes ago, Craig krup said:

Download Trusteer's Rapport, if your bank supports it: it scores very highly for preventing most attacks. I then also do random junk followed by deletes for all the account number stuff, and every institution I deal with has a floating key pad where you select the numbers from a drop down menu.

 

Looks like you are suffering a multiposting virus attack.

[jgarbo]

l store login & password in my browser, Palemoon (Linux) so when I go to my bank, details are already filled in. My other a/cs use virtual random keypad, all backed up by SMS confirm.

Remember all Windows machines can be "back doored".  Linux has never been cracked in tests, if of course you login as "user", which forbids installing any app. You must deliberately switch to "root," to allow any Install. So I've

never lost money.

Try Linux Mint - free, open source (no back doors) & easier than Windows. Just Google it. you can test it before install. It will even sit beside Windows, so you can compare.

HTH

Jack

[louse1953]

Thanks for all the above info lads.I will change the way i do things.I have been skim scammed and it is not a pleasant experience,to lose money.Got money back through travel insurance,plus exchange rate bonus.

[Srikcir]

You should consider data masking applications that prevent key logging spyware.                                    https://en.wikipedia.org/wiki/Data_masking

 

 

 

[williamgeorgeallen]

On 8/5/2016 at 3:56 PM, 12DrinkMore said:

 

Lucky, I suppose.

 

Money could have ended up in a less user friendly country.

 

cops and bank did not seem to bothered by it. just a bit of paperwork and thrown in the 'too hard' basket. suppose 7000aud was not alot of money compared to other amounts going missing.