Information security on computers is often compromised using a simple interception tactic such as keystroke logging, referred to as keylogging, in which malicious hardware or software covertly records the keys pressed on a keyboard. A user of the keyboard is generally unaware that his keystrokes are being recorded or monitored in any way. By stealing passwords with this simple technique, attackers can defeat the complex software security protecting infrastructure data systems.
Keylogging is the most common interception tactic, but other approaches include screen capture software, hidden cameras, and acoustic or electromagnetic analysis. These interception techniques allow user names, passwords, account information, and other sensitive information to be captured. Physical access to a client machine is often quite easy to obtain, making secure data entry and information display on a compromised client machine very challenging. Because keylogging can occur in hardware as well as in many different levels of the operating system and application software layers, keyloggers can be difficult to detect and remove.