Short, concise description of the idea
Provide an in-site click-based virtual keyboard as an alternative to type in a user's username and password for increased security.
Full description of the idea
To demonstrate an example, the United States Federal Aid for higher education website has this feature:
Click on the keyboard to the right of the boxes where the information should be entered.
(They've disabled the alphabet, since the information they require is number-based, but judging by the code source, it doesn't look difficult at all to allow for this information to exist)
- Greater Security, prevention of keystroke-logging form of phishing.
- There are programs out there which contain the ability to log keystroke information from one person's keyboard, sending it to the hacker's e-mail address.
- In other words, if such a malicious program infects the users computer, everything that is typed is available as information to the owner of the program.
- I don't see the option to enter certain special characters, but I'm wondering if that could be implemented in the code.
- Even so, allowing for even partial virtual keyboard would allow for greater security than none at all.
- For instance, if your password was:
- You could virtually type "aBc", manually type "~", and virtually type "123". Meaning if a keylogging program was in place on your computer, the only bit of information that would be transmitted, would be the "~". This would still keep the rest of your password's identity hidden.