A keylogger doesn't need to break encryption or guess your password. It just waits for you to type it — and records every keystroke. Keyloggers are one of the oldest and quietest ways accounts get stolen, because they capture your credentials at the exact moment your fingers hit the keys. This guide explains what a keylogger is, the software and hardware types, how it gets in, the warning signs, and how to protect your accounts.
What a keylogger is
A keylogger (keystroke logger) secretly records every key you press — passwords, messages, card numbers, searches — and sends the log to whoever planted it. Most are malicious software; some are small hardware devices.
The danger is direct capture: a keylogger steals a password even if the site is perfectly encrypted, because it reads what you type before the data is ever protected. It bypasses the lock by watching your fingers, not the vault.
Software vs hardware keyloggers
- Software keyloggers — a program running quietly on your device, usually part of malware. It records keystrokes and sends them over the internet. This is the common, everyday kind, often arriving through phishing or dodgy downloads.
- Hardware keyloggers — a physical device plugged between a keyboard and a computer (or hidden inside it) that stores keystrokes locally. The attacker needs physical access to install and retrieve it — mostly a risk on shared or public machines.
How it gets in
A software keylogger arrives the same way as most malware: a phishing message with a malicious link or attachment, software bundled with a "free" download, a fake or cracked app, or a drive-by infection. A hardware keylogger instead needs someone with physical access to your machine. The pattern: software needs you to run something; hardware needs someone to touch your computer.
Warning signs
Software keyloggers are built to be invisible, so prevention beats detection. Still, be alert to a device that's suddenly slow or hot, unexplained network activity, unfamiliar programs or processes, antivirus that's been switched off, or accounts accessed by someone other than you. On a desktop, an odd device in line with your keyboard cable could be a hardware logger.
How to protect your accounts
- Keep your OS and apps updated and run reputable anti-malware — most keyloggers are malware.
- Don't open unexpected attachments or links, and install only from official sources.
- Turn on two-factor authentication — ideally passkeys or an authenticator app — so a captured password alone can't unlock an account.
- Use a password manager. It autofills on the genuine domain instead of you typing, so there are fewer keystrokes to capture, and it gives each account a unique password.
The honest limit
No single tool is a guarantee. A determined software keylogger on a compromised device can capture a lot — including the clipboard or a master password you do type — so a password manager is one layer, not immunity. The real defence is layered: updates, anti-malware, cautious clicks, phishing-resistant 2FA, and the willingness to reset a device you believe is infected. Change passwords from a clean device, not the suspect one.
The bottom line
A keylogger steals passwords by recording your keystrokes — quietly, often invisibly, and regardless of how secure the website is. Software loggers spread like other malware; hardware loggers need physical access. Defend by keeping software updated, running anti-malware, avoiding suspicious links, turning on phishing-resistant 2FA, and using a password manager so there's less to type and one stolen login can't unlock everything.