There are two types of Keystroke Loggers, software and hardware based.
Software based keystroke loggers record input from the keyboard
(usually retrieved from the buffer) to a file on the hard drive or send
the keystoke data via email or other network based methods.

Both types of keystroke loggers can be used for evidence collection,
and likewise are used by hackers to obtain credit card information,
passwords, and other data.

The advantages of using keystroke logging is that it is a pure, and
simple method of monitoring computer activity. It is immune to most
encryption, and deletion methods. You cannot however access keystrokes
made before the device or software was installed. Additionally you
can’t monitor recieved emails messages, chats, etc. it’s a ‘one way’
method.

The hardware keystroke loggers attach between the keyboard port and
keyboard. They usually have to be physically added and retrieved from
the machine they are connected to. Hardware keystoke loggers are sold
to both law enforcement and the general public. They can easily be
detected by sight.

Software keystoke loggers can be installed on a computer hard drive.
The more sophisticated keystroke loggers are transparent to the user
and are hard to delete. However, there is still a risk of detection.

If you are in law enforcement you should generally have a search
/seizure warrant before installing a keystroke logger. Members of the
general public should not install keystroke loggers on equipment that
they do not own - this is illegal. In any case you should check your
local laws before installing a keystroke logger on any computer.

APA Citation:
Smith, Nathan. M. (2005). Keystroke Loggers.
Retrieved September 8, 2008, from http://www.computer-forensic-technician.com/wordpress/keystroke-loggers/.