If the above encrypted password were delivered to the browser or Gmail, neither could decrypt it and use it to log you in because they don't know the secret used to encrypt it.
If you still don't understand, ask yourself when and where does the encrypted password get decrypted, i.e. become usable as a password. It is vulnerable at that point.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Does keyboard encryption facility in Spyshelter works with simulated key presses of KeePass? Does anyone knows for sure?
Got an answer to above myself using Spyshelter's own security test tool. Contrary to popular belief, it doesn't!
Keyboard encryption must eventually produce the real characters and any malware worth it's salt will be able to capture that data.
cheers, Paul
Yeah..but that will be encrypted data.
If the password is encrypted when it is delivered to the application (e.g. browser, gmail) it is not the password.
For example if your Gmail password were "Mairzy Doats" It might look like this when encrypted:
If the above encrypted password were delivered to the browser or Gmail, neither could decrypt it and use it to log you in because they don't know the secret used to encrypt it.
If you still don't understand, ask yourself when and where does the encrypted password get decrypted, i.e. become usable as a password. It is vulnerable at that point.
Thanks a lot! Yeah..it was my bad! I didn't got fully what Paul was trying to say, now got it. Thanks again.
Last edit: abhay bhatt 2016-11-14