Can keyloggers monitor mouse clicks and keyboard entries?

Can keyloggers monitor mouse clicks and keyboard entries?

I'm looking for a software program that can monitor all keyboard entries and mouse clicks throughout the course of a day. My manager then wants a summary report of the activity; he doesn't care what information is entered, but he wants the number of key hits on the keyboard, number of mouse clicks, as well as time statistics. What are the risks of using a keylogger for this purpose? Are there better alternatives?

    Requires Free Membership to View

    Login

    SearchSecurity.co.UK members gain immediate and unlimited access to breaking UK industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.co.UK today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.co.uk you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.co.uk is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

It sounds like your manager is looking to carry out some sort of productivity or behavioral research. I say this because he seems more interested in time statistics than actual inputted content.

The definition of a keylogger is any device or program that captures and records information from an input device. Input devices include keyboards, mice, touch screens and voice commands. So, yes, a keylogger is what you need to use, but most keyloggers only capture keyboard input.

Recording mouse clicks, however, is fairly meaningless unless you know what the user is clicking on. The main legitimate purpose of keyloggers is to monitor user activity. If, for example, an organization suspects an employee of sending confidential information to a third party, they may want to record his or her actions. This type of keylogger can be either a software program or a hardware dongle that sits between the keyboard and the desktop. With keyloggers, the main aim is capture the data input. Therefore the time between inputs is not critical, and time statistics are not recorded. Even a hacker's keyloggers do not record time-related data.

If you can't find a keylogger that captures all the data that you need, you could very easily write your own simple program to do this. If you're not that familiar with coding such a program, you could start by looking at the code for Keymail. Keymail is a keylogger that emails keystrokes to a chosen email address, but this program could easily be adapted to capture and store the information that your boss needs. If you need to capture data from users running different operating systems, then a hardware keylogger is the way to go; these are usually OS independent and do not require any software to be installed. They also have the advantage of not being affected by hardware crashes or system formats.

Whatever route you choose, you should be aware of the personal privacy rules that need to be adhered to. Also, you need to ensure that the logged data does not fall into the wrong hands, captured keystrokes may well include network passwords and other sensitive data. This is why hackers use keyloggers so frequently. They install keyloggers on users' machines in order to gather useful information for further attacks.

More information:

  • Learn more about keylogger basics.
  • See how a JavaScript keylogger helped spread a malicious backdoor Trojan.

    • This was first published in April 2007

    Back to top