After reading your email on cryptome.org.... A couple of weak defences against keyboard logging of passwords. Both are useful to allow you to keep your password hidden from a keyboard sniffer or a 'patched' telnet program. 'One key' password entry. ---------------------- The program displays the letters of the alphabet and slowly cycles which letter the cursor is under... You push the spacebar to stop the cursor, and then if you don't push the spacebar again within two seconds it accepts it as part of the password. All a keyboard logger sees is a few space presses. This could be implemented at the remote end of a telnet session (well, a ssh session...) If the order of letters or they cursor moves was randomised the keypress timing would contain no information about the password. This gets round the employer problem unless the employer is watching your screen. The password feedback is visual. Mouse password entry -------------------- You could use your mouse to hunt and peck the desired letters on a keyboard. Once a letter is chosen the cursor should jump to a random location on the display to foil 'mouse sniffing' Cheers Mike Field mafield@the.net.nz