Live Chat Now
Give us a call

Send us a text



What is a Keylogger?

By DeVry University

August 31, 2022
7 min read

What is a Keylogger?

Whether you’re interested in a career in cybersecurity or are simply looking for ways to protect yourself online, you might be asking “what is a keylogger?” Keyloggers belong to a category of malicious software, or malware, that records the individual keystrokes you make while using your computer. They can pose a serious threat to your online safety because they’re often used to capture private information, like passwords, credit card numbers and other sensitive data from individuals and organizations.

Fortunately, there are ways to defend against these malicious attacks using some cyber security basics. In this article, we’ll explore how keyloggers work, the different types of keyloggers, who uses them, how to detect them and what you can do to protect yourself in the following sections:

How Do Keyloggers Work?

Keystroke logging is a well-established diagnostic tool with many legitimate uses. It’s the act of tracking and recording every stroke of a computer’s keyboard and is often done without the computer user’s knowledge or consent. When a computer keyboard is used, each keystroke sends a signal that tells the computer’s operating system and the application the user is running what to do. This communication is intended to be kept between computer and user. But when a keylogger is introduced as spyware to record every keypress and command, personal information like passwords, bank account and social security numbers, credit card information, email messages and logins could wind up in the hands of criminals. 

Types of Keyloggers

If you’re still asking “what is a keylogger,” understanding the two basic types of keyloggers can help. The two types of malware known as keyloggers are software keyloggers and hardware keyloggers. The software variety can spread from one computer to another over a network. Its hardware counterpart does not have this capability, but can still transmit information to the cybercriminals behind the attack.

Software Keyloggers

Commonly used by hackers to record computer users’ keystrokes, software keyloggers have to be downloaded by the user via an infected application of some kind. Once installed, the keylogger records the user’s keystrokes and automatically transfers this information to the hackers using a remote server. 

Hardware Keyloggers

A hardware keylogger must be physically connected to the target computer to do its work. An unauthorized person using a device on a network could install a hardware keylogger that could run undetected until after it finished collecting the sensitive information it was seeking. When finished logging keystrokes, the keylogger stores the data and the hacker has to download it from the device.

Unlike the software keylogger, the hacker is not able to get the data while the keylogger is working, but may be able to retrieve the data from the computer remotely by making it accessible via a Wi-Fi connection.

Who Uses Keyloggers?

Keyloggers are used for both legal and criminal purposes. They can be used in a variety of legitimate ways related to product development, research or employee or parental monitoring. As noted above, they can also be used by malicious hackers and other cybercriminals to steal information.

They are sometimes used lawfully by:

    • Employers, to monitor the on-the-clock behavior of staff members and ensure their compliance with company policies regarding the use of company-owned equipment.
    • Parents, to monitor their children’s use of the internet.
    • IT departments, to collect information on users’ difficulties and resolve them accurately, or to watch for unauthorized user activity on web servers.
    • Product developers, to gather feedback from users of new programs, hardware and games in an effort to improve products. When you agree to a software or game developer’s terms and conditions, you may be consenting to keylogging for these purposes.

When used maliciously, keyloggers are an effective tool for cybercriminals. In this case, keyloggers record private information like bank account numbers, passwords and financial information that is meant to be kept private. The wrongdoer in these cases could be anyone from a disgruntled former employee to an international crime organization. Some uses of keyloggers where there is clear criminal intent may include:



    • Stalking someone.
    • Stealing someone’s social media or email account information to spy on them.
    • Intercepting and stealing personal financial data, like credit card information, so that it can be sold to third-party cybercriminals who may use it to empty out bank accounts.

How to Detect Keyloggers?

Software keyloggers can be hard to detect and remove, even by some antivirus programs. They hide deep in your computer’s operating system, at the keyboard API level or in the computer’s memory. Often appearing to be normal files or traffic, this type of keylogger is even capable of reinstalling itself.

With hardware keyloggers, eradication could be either very simple or extremely complex. If the source of the malicious material is an external device, like an external hard drive, you can simply remove the device manually. An internal hardware keylogger, however, makes things much more difficult, potentially requiring a device teardown to discover.

Symptoms that might indicate the presence of a keylogger on your computer are similar to other virus warning signs and may include:

    • Your computer runs slower than usual.
    • Excessive hard drive and network activity.
    • Frequent and unusual pop-up windows.
    • Unfamiliar icons on your dashboard or desktop, or unknown programs launching when you start your computer.
    • Mass emails sent from your account.

If you experience symptoms like these, there are several ways to detect and disable keyloggers.  One simple way is to check your Task Manager by right-clicking on the Windows taskbar and choosing Task Manager from the menu. This utility indicates which processes are running on your computer. If you are unfamiliar with the processes listed, search them on the internet to see if you find any warnings indicating keylogger-type activity.


Another effective way to find a keylogger is by looking at the Startup tab. Keyloggers are intended to run full time on your computer, which means they have to start up with your operating system. In the Startup list, look for anything you don’t remember having installed yourself. If you see something that looks out of place, select it and then click on the Disable button in the lower-right portion of the window.


You can also examine your computer’s internet usage report. In Windows, pressing the Windows key and “I” at the same time will take you to the Setting screen, where you can choose Network & Internet, then Data Usage. This will reveal a list of the programs your computer uses to access the internet. If anything seems unusual or suspicious here, do a search to find out what it is. It may be a keylogger. 

How to Protect Yourself from Keyloggers

You can help protect yourself from keyloggers in many of the same ways you protect yourself from other cyber security threats:

    • Download files only from trusted and recognized sources.
    • Double-check URLs before clicking or downloading anything.
    • Keep your operating system (OS) up to date.
    • Install an ad blocker or pop-up blocker on your browser.
    • Set up two-factor authentication on your most sensitive accounts.
    • When downloading applications to your phone, download them only from the manufacturer’s marketplace.

New versions of malware are being introduced all the time, so no off-the-shelf solution is likely to be foolproof. You can, however, take some basic defensive steps, beginning by taking stock of your online behavior. Following general best practices for online safety and maintaining a healthy level of skepticism when engaging in any type of online activity can help .

The antivirus software maker Norton recommends a few more steps to protect yourself:



    • Two-factor authentication: One of the most effective forms of malware protection, 2FA adds an extra log-in step, such as a temporary PIN sent to your phone, to help verify the person logging in is really you. Even if your password was stolen through the use of a keylogger or other means, cybercriminals still wouldn’t be able to access your account.
    • Consider using a virtual keyboard: Circumventing any keylogger malware that relies on your physical keyboard, a virtual keyboard displays the keys on your computer screen. This is not considered a foolproof solution, however, because some software can still monitor your on-screen activity.
    • Use a password manager: Password managers help you manage all the different logins you are likely to have, but they also provide good defense against keyloggers. By logging in with a password manager, you won’t be displaying or physically typing your login information, so keyloggers can’t detect it.
    • Install antivirus software: Look for antivirus software that offers robust anti-spyware and anti-keylogger protection. And because new versions of spyware are being written all the time, it’s important to keep your antivirus protection up to date. 
    • Use voice-to-text conversion software: Voice-to-text software is another technology that can bypass your physical keyboard, thereby thwarting the forms of keylogger malware that target your physical keyboard. 

Learn to Combat Cyberattacks at DeVry

If you’re interested in learning to protect networks, data systems and users from cyberattacks like keylogging and spyware, we can help. At DeVry, our cyber security degree and certificate programs are taught by experienced professionals and cover topics like forensics, malware and cryptography. In addition, our cyber security curriculum is acknowledged and verified as an approved provider by the National Initiative for Cybersecurity Careers and Studies (NICCS). Pursue your education 100% online or through our hybrid model. Classes start every 8 weeks.

8-Week Class Sessions

Classes Start Every 8 Weeks

Filter Blog Post Category

Related Posts