I’d never use a computer from library, cybercafe, friend’s or relative’s house to check my emails or log in to any website that have to key in my password. I will never know if the computer that I am using has spyware or keylogger installed that can capture my password as it is often impossible to tell. I still remember that many years ago I have a friend who used to work in a cybercafe and he told me that he installed keyloggers on all computers which helped him captured so many passwords! It is very unethical and I believe there are people still doing that.
There are software and hardware based keyloggers and then there is screenshot capture. It is possible to fool all those spy activity but it’s very troublesome. Today I found a way that can safely and EASILY login from internet cafes despite keyloggers and spyware.
KYPS is a free reverse proxy server created by Andreas Pashalidis that enables us to log into our accounts from a public/shared computer, without disclosing our password to that computer. KYPS is very easy to use and does not require you to run any software on the public/shared computer. All we have to do is to obtain a list of one-time codes from the KYPS server, print these codes, and keep the printout safely in our wallet (alternatively we could save our codes on our mobile phone or PDA). We can then log into our account using our one-time codes instead of our password.
This solution sounds perfect but my greatest concern was do I have to save my password in KYPS so it’ll login for me? No, my password won’t be saved or recorded by KYPS but it is required exclusively for generating a PDF file with our codes. KYPS then deletes our password and our one-time codes as soon as our codes have been returned to us. Each one-time code on the list is nothing more than an encrypted version of our password, which can only be decrypted by the KYPS server. The security of this encryption is based on the one-time pad technique.
Here are the steps to get started:
1. Register with KYPS and it will generate a registerReply.pdf file with your one-time codes.
2. Go to KYPS login page, select the website and enter the username.
3. Enter the one time code by referring to the number on the one time code list.
Other than protecting our password, KYPS also acts as a reverse proxy. Let’s say if we login to Hotmail using KYPS. You’ll notice that the URL will not even show hotmail.com address, instead it shows KYPS url with scrambled random characters.
KYPS service is truly a gem and I find it hard to believe that it is free to use (donations are welcomed). Currently KYPS only supports logging in to Microsoft Hotmail, Yahoo Mail, Google Mail, Web.de, GMX and MySpace. Let’s hope that this free service will continue to go on and support more websites in future.
[ Visit KYPS ]
Related posts:
That is awesome! I’m sure it’s very well deserved. Congrats!
This is great. This will be of good use. I really hope so.
Thank you for sharing this one.
This post can really help me. I am often times using untrusted computer and I think I really need this. Thank you
This is a very informative article.Thanks for your prompt response Raymond. I have always found your website to be very useful.
I want to open any of systemj without using password
Its been a great experience going through this blog, where i got to know about the approach how to safely login from a untrusted computer without disclosing the password.
oh and i wasnt too sure where 2 post this but in leave a reply bit, it says URI, isnt it ment to say URL?
nice..!! but how do you get 573 unread emails but using just 1% of 5gb :P
Thanks
thanks man
Thx, Raymond!!
i will aapreciate your price.
Slow connection? This is something like external proxy server and I won’t trust them.
I, too, use Roboform to Go, so that it automatically login and it also conceals your password so that it cannot be screen captured.
Thanks for your prompt response Raymond. I have always found your website to be very useful.
@MZ: I think your idea is pretty good if you are using Roboform together with a portable Firefox in a USB stick. This way not even cookies will be left behind.
Do you think its better to use Roboform installed on a USB stick and then try to access your mail by using this USB stick on your friend’s machine or in a library.
Everybody Loves Raymond! :-D
Great site however i would revert to others methods such as Virtual Machines with DSL installed but this seems quite practical.
Thanks.
There are always risk when we give out our password and the only thing we can depend on is their privacy policy. At the end of the day, it’s our decision whether we’re willing to take the risk or not.
thanks , don’t you think there is any risk of given password to that site ?
Dear Raymond,
This is a too-good-to-be-true post. I was very anxious about using cafes to surf and check my mail. Now, I know that I can relax while using cafes to check my mail, provided I take appropriate prior steps with KYPS. Thanks for sharing it with all of us.
~Neo
thankyou. a much needed thing