When I am traveling I frequently publish my travel stories from internet cafés on this weblog. However, these places are not the safest computing places. I have seen a lot of worrying messages from virus scanners nobody pays attention to.
Because of this I have been searching for ways to improve security. One measure I took was installing the Semisecure Login Reimagined plugin to send the WordPress password encrypted from the browser to the server (a better way is to use SSL, but my hosting provider doesn’t support that).
However, sending the password encrypted doesn’t prevent keylogging. A possible solution is to use a virtual keyboard (on-screen keyboard). Because I don’t want to search for or install a virtual keyboard each time, I wanted a virtual keyboard integrated in my login screen. I couldn’t find something existing, so I decided to write a new WordPress plugin to accomplish this. The short name of this plugin is WP-Login-Vkb.
After pressing the keyboard icon next to the password box, my login screen looks like this now:
The plugin was tested with WordPress version 2.7 on a standard (not customized) login screen. Please let me know if the plugin does work with other WordPress versions (especially older versions).
Disclaimer: I cannot guarantee this plugin will prevent keylogging in all cases.
Remarks, comments and questions are as always very welcome.