Join 3,553 readers in helping fund MetaFilter (Hide)

Tags:

How did he get my email password?
March 19, 2008 7:56 AM   Subscribe

Husband admits spying on me by reading my emails, looking at deleted files, etc. He says he's stopped, but how can I tell for sure by checking my computer? Give answers for the most computer-unsophiticated.

I am assuming he used some type of key logger since he was able to get my passwords. I had suspected as much and tried to search the computer, but being very un-computer saavy (basically just looking through all the programs), I couldn't find anything unusual, so I just asked him. At first he denied it but then later, in a counseling session, admitted he had been doing it but had already stopped. He has not been willing to tell me how he did it. I'd love to simply trust him again but that is pretty much shot and I'd love to know for sure what's on my computer. Is that even possible? Wouldn't most spying software be extremely hidden? How could I conduct a search? I use Windows XP on both a desktop and a laptop, both Sonys, if that matters.

And no, I don't have anything special to hide, but I do enjoy having some semblance of privacy when it comes to my email. I haven't even bothered changing my passwords because if he got them once, he would get them again.

And yes, I see the irony of this as I type it on my home computer.
posted by anonymous to Computers & Internet (38 answers total) 7 users marked this as a favorite
 
The only way you can know for sure is to get a new computer. This previous question is probably relevant.

(Also, it sounds like you've got bigger problems than computer security. You probably already know that, though.)
posted by box at 7:58 AM on March 19, 2008 [1 favorite]


Many different anti-virus programs will detect common key loggers. You can try some of these online scanners (1, 2, 3) to see if they find anything. After that, you might try this Microsoft tool to detect root kits, which are hidden malicious software, or Spybot to see what they turn up.

But he wouldn't have had to do that to get your passwords, especially if they were saved someplace on the computer. For example, if you are accessing web mail and using either IE or Firefox, it is easily possible to get the saved passwords from those web browsers.

The only way you can be really sure he isn't still doing it is to start off with a clean installation of the operating system and all the programs you use, and then do not give him physical access to the machine. Or you can boot from a live CD as mentioned in box's link above any time you use the computer.
posted by procrastination at 8:09 AM on March 19, 2008 [2 favorites]


If you can't trust your spouse, then you better get your own pc and change your passwords ASAP.
posted by ewkpates at 8:10 AM on March 19, 2008


What box said. You have bigger problems that need addressing.

This isn't what she asked. She wants help addressing her computer security. She's not looking for relationship advice.

My best advice would be to change your passwords often and don't save them on the computer. The more work it is for him to read your stuff, the less likely I'd think he is to do it.

Aside from that, Google is your friend. If you see a program on the machine that you don't recognize it, give it a quick Google search and see what it is.

Or, of course, the more expensive solution is to get your own machine, put a password on it, and let it be yours.
posted by kjackelen05 at 8:25 AM on March 19, 2008


The only way to be sure the malware is gone is to reinstall the OS.

Depending on how tech savvy your husband is, it may be very difficult to protect yourself from this in the future. You can take basic steps to make sure he can't log in to your machine install key loggers in the first place (use strong passwords), but if he's determined and has physical access to the hard drives, he'll be able to do it anyway.

You could also boot from a Live CD to do things like browse the web safely, but that's a band-aid remedy.

(technological solutions to behavioral problems don't usually work)
posted by qxntpqbbbqxl at 8:27 AM on March 19, 2008 [2 favorites]


Yes, raze the computer and re-install Windows. It probably came with a "system restore disk" which will make this easier. Copy your important documents to another hard disk first, obviously.

Using Windows encryption for your sensitive files (such as the folder where your e-mail is stored) will prevent him from removing the hard disk and reading the files that way.

You can also use a biometric authentication device (i.e. fingerprint reader) to log in to your computer to prevent him from getting your password, even with a keylogger.

ProcessGuard is a dandy utility to keep any program from running that you didn't explicitly allow and should stop most spyware.
posted by kindall at 8:39 AM on March 19, 2008


I'm sorry, but with physical access to a machine and the right tools, if your husband knows what he is doing, your data will not be safe. If you have any sensitive data on your machine, you should store it off site, and never access it from a machine your husband has access to.
posted by ShootTheMoon at 8:42 AM on March 19, 2008


You need to change all your passwords asap. if you do banking on your pc, those passwords might already be stored in a text file too. Your husband may not be interested in those, but they are dangerous to have sitting around.

You might try using a friend's computer to go and change all your passwords. Booting off a cd as qxnt suggested is good - all you need is a browser and if you connect to the internet via a router, there shouldn't be much work to get online and access the websites to setup new passwords.

Also, what were you using for email? If it's just plain POP, then your husband may not have used a key logger, as your password is sent over the network for anyone to sniff. (And if you're using unencrypted wifi, anyone near your house can sniff it too.)

For better security in the future, i suggest: encrypt your wifi, encrypt your POP or IMAP, and secure delete (shred) any files instead of just emptying the trash.
posted by kamelhoecker at 8:44 AM on March 19, 2008


Sony's are usually pretty excellent for reinstallations, they normally have an area dedicated to the process on the hard-disk. Backup your documents/favourites/emails to a DVD/CD or External HDD. Use a program like Acronis Home to make the backup procedure easier if you wish-- there's an old ask.meta question about backup solutions if you don't want to pay for Acronis Home.

Once you've backed up--

Turn the machine on, press F10 (I think, I don't have a vaio to hand at the moment, check your documentation, the support site should have a copy if you've lost yours) and walk through the restoration procedure. It will wipe your machine entirely clean, back to fresh-from-the-factory setup.

Did I mention to backup everything you want to keep?
posted by Static Vagabond at 8:49 AM on March 19, 2008


In theory, root kits can even survive having the OS re-installed, although this is very unlikely.

Have the PC taken to geek squad or something and ask them to wipe the OS and then do two things:

1) setup the machine with a bios password, so that no one can change the boot order
2) setup the machine with a boot password so it can't be turned on without a password
3) setup windows to require a password (maybe the same as your boot password for convenience sake)
4) (optional) setup full disk encryption so that your husband can't take out the hard drive and install stuff that way.

That should cover the physical security of the machine. It might be harder to physically secure the network traffic. like kamelhoecker mentioned.
posted by delmoi at 8:53 AM on March 19, 2008


I suggest running the Portable Apps suite from a portable USB thumb drive if you are unsure of the computer itself, an don't let him near the thumb drive.
posted by iamabot at 9:06 AM on March 19, 2008


It doesn't have to be software, either. Check the keyboard cable on the desktop to make sure it plugs directly into the computer case. If it plugs into something you don't recognize, and then that plugs into the case, it might be a hardware keylogger.
posted by hades at 9:25 AM on March 19, 2008


4) (optional) setup full disk encryption so that your husband can't take out the hard drive and install stuff that way.

Hubby can still pop the drive, put it in another system, boot to OphCrack, get the admin pass. If he's tech savvy, and has physical access, the only answer is to carry your browser, data, files on a flash drive on your person.

Lots of programs are runnable directly from flash drives these days. They are your friend. Firefox in particular.
posted by SlyBevel at 9:26 AM on March 19, 2008


I'd go the other way, install a keylogger yourself- real easy- then you can see if he is still snooping. Perhaps shaming him might be the best approach? Otherwise, I have to imagine, the more you try to keep something from him the harder he is going to try and find out what it is or is not...

(technological solutions to behavioral problems don't usually work)

well stated qxntpqbbbqxl
posted by bkeene12 at 9:28 AM on March 19, 2008


Obviously you've got a serious problem in your marriage: your husband doesn't trust you, he is himself deceitful, you're in counseling. Since he get into your accounts in the first place, does it honestly seem realistic that if you approach this as a battle of who can stay ahead of whom technologically, you've got a chance of winning? If you don't root out the basic problem and deal with it decisively, he will likely find another way to spy on you.

He has not been willing to tell me how he did it.

What justification is there for this, other than A) because he's still doing it or B) so he can do it again at will? Bring that up in counseling.

This is not a technological problem. As your relationship stands, as long as you are using a computer he has access to to access the internet through a connection that he manages technologically, it seems really likely that you will be able to secure privacy on your computer.
posted by nanojath at 9:35 AM on March 19, 2008 [1 favorite]


(seems unlikely, duh)
posted by nanojath at 9:36 AM on March 19, 2008


If the attacker has physical access to the machine, there's really nothing that can be done to secure it.
posted by mr_roboto at 9:51 AM on March 19, 2008


Unless he's very determined and tech-savvy, though, and not just the average snoop, he probably isn't going to do much that standard software protection won't detect and undo. Try the online things linked above. If he says anything about it, you'll know he is (or was) still snooping and you blocked him.

Also, as I said in another thread, go somewhere else to change all of your passwords (use passwords he can't guess) and then stop using those accounts from home. If you can access your accounts conveniently from work or an internet cafe, that's the best way to avoid his tricks, though of course you open yourself to other possible snoops in public (at a cafe) or at work (where there is never a guarantee of privacy and there probably is a policy against anything that qualifies as fun).
posted by pracowity at 10:12 AM on March 19, 2008


You cant. If he has physical access then he has everything. Use a computer at the library.
posted by damn dirty ape at 10:34 AM on March 19, 2008 [1 favorite]


Mr_roboto is correct. People are assuming there is a software logger, that may not be the case. If he has physical access to the machine and he is not trustworthy, neither is the machine. The device I linked to is easy to detect but that is only one example.

If you truly need to be secure, stop using that machine, then go change all your passwords. Ideally, buy your own laptop and control physical access to the machine yourself. Even then, if you share the network at home you may be vulnerable.

As you live with the man, the number of possible attack vectors is pretty much unlimited. You can take precautions but there is only so much you can do.
posted by chairface at 10:39 AM on March 19, 2008


Go to the library and use their computer to change your passwords. Pick passwords that are hard to guess. Use combinations of numbers and letters and punctuation that have no personal significance to you -- no anniversaries, birthdays, pet's name, etc. You're going to have to come up with a creative way to memorize it.

At first he denied it but then later, in a counseling session, admitted he had been doing it but had already stopped. He has not been willing to tell me how he did it.

He may be using a keylogger, or he may have just guessed your passwords. Most people are very bad at picking passwords. Here's a whole Wikipedia article on password strength.
posted by desuetude at 11:22 AM on March 19, 2008


In addition to the people mentioning hardware loggers (and don't forget that a fair amount of email ends up going over the net as plaintext, ripe for sniffing), I think that you have to specifically address the fact that if he's not willing to discuss *how* he did it, then you can have *no* trust that he's not still doing it. He's betrayed your trust, and will have to earn it back. Until then, you can't trust anything he says (I.E. I've stopped reading your email).

If he tells you exactly how he did it (If he says it's a physical device, ask to see the device (and then smash it?), so that you know it's not software), only then can you regain some security.

If he won't tell you how (and be able to demonstrate), then the only way you can have a hint of security is to move to a new physical location, have your computer hardware thoroughly inspected by a geek, a complete software reinstall, and new passwords (and security questions) and *every* account. And he can never physically be at this new location. Ever. Heck, if you have a wireless network, you can't even let him know where the location is, as he could sniff from outside.

Essentially you have to DTMFA unless he is willing to *completely* come clean. What has your counsellor said regarding this? Seriously, I don't see how one could attempt to rebuild a relationship with such a seriously damaged foundation. The foundation *needs* to be redone.

Wow, I'm sorry for the situation that you're in.
posted by nobeagle at 11:26 AM on March 19, 2008 [1 favorite]


A small piece of advice, to save you the trouble of figuring out if he's stopped or not: if he's unwilling to tell you/show you how he was doing it, then he hasn't stopped.
posted by davejay at 11:41 AM on March 19, 2008 [1 favorite]


DO NOT USE THE GEEK SQUAD. If you dont want your husband snooping around you surely dont want the squad checking out your stuff.
posted by fumbducker at 11:47 AM on March 19, 2008


Yeah, a couple other people have given you the correct answer to this question; If your husband is more tech savvy than you and has physical access to the computer when you are not around there is simply no way to be sure he isn't spying on you. He doesn't even need to use keyloggers or whatever that you can find and disable. Since you aren't tech savvy he can get tons of information from browser histories, deleted files, cookies, cached files, all sorts of things.

You're looking for a technical solution to a social problem. This is a mistake.
posted by Justinian at 11:57 AM on March 19, 2008


May I suggest the following approach to anyone else addressing this question? It supposes the following: (1) the poster asks a technological question (not a relationship question); (2) notes that her husband may be capable of retrieving this question, and has shown some willingness to snoop before; (3) we don't know how he has done it, and it might be by a very basic means; (4) the poster may not be able to take the advice of avoiding use of the computer at home, buying a new one, etc.

So: if your answer simply specifies a better means of snooping, without providing an easily administered solution to it, perhaps limit the details about how to accomplish the snooping part. It's just adding to the other side's playbook.
posted by Clyde Mnestra at 12:19 PM on March 19, 2008


As others have said, physcial access to the computer renders it ultimately unsafe. I'd further that and say that physical access to your house and surrounding area renders it unsafe as well (splicing into Internet connections, etc).

There is no way to guarantee security on your computer.

But what you are describing is frequently a symptom of a problem, not the problem itself.

For help with the problem, try the Stalking Resource Center

And in case you need it, there are a ton of other related links through Wikipedia's DV page.


My apologies if I've made any inappropriate assumptions.
posted by Gorgik at 12:29 PM on March 19, 2008


Er, physical access
posted by Gorgik at 12:30 PM on March 19, 2008


Um - buy a new computer (laptop, AsusEee) and keep it with you. If he has physical access then there is nothing you can do.

While I can sympathize - I have seen the other side of the coin as well - where a friend who simply made a practice of monitoring his network eventually discovered his wife's affair.

If you feel safe (ie. that there will not be any abuse if he confronts you) - you can test his monitoring as others have mentioned. Create a fake account somewhere (hotmail, etc.) and use that to send steamy messages to yourself...
posted by jkaczor at 12:56 PM on March 19, 2008


Clyde Mnestra: saying "there is no good answer within the parameters you give, for the following reason" is an answer, and in my opinion the correct answer to this question. There isn't a good technical solution to what is ultimately a relationship problem, not a technical problem.
posted by Justinian at 1:13 PM on March 19, 2008 [1 favorite]


Wipe, reinstall then do whole disk encryption and never leave it logged in while you're not on it again.
posted by IronLizard at 1:55 PM on March 19, 2008


Justinian, I was not reacting to your answer (or to anyone else's in particular), and you're not genuinely reacting to mine. I was addressing how particular the reasoning should be: saying "reinstalling the OS won't work" is very informative; saying "reinstalling the OS won't work because if he follows the following link, he can install the following root kit that will defeat anything you do" struck me as less appropriate.

Besides that, I do differ with you. I think it is completely reasonable to ask and answer the question, "How might my husband have obtained my information, and how might I find that out?" It is also FINE to add, as you and others have, "Nothing you do will ever prevent him, if he is determined and tech savvy, from doing it again." But to say something more like, "Surrender your computer to your husband and work on your relationship, because you will never win this fight" makes a lot of assumptions about his capabilities, ignores her interest in discovering what has been going on (and, in doing so, even temporarily catching her husband in the mousetrap), and is hardly a foolproof strategy (counseling being what it is).

Think of it this way. Lots of people work constructively on security issues knowing full well that it is near impossible to defeat a sufficiently determined and capable foe; these people are not idiots. And if you were to tell them, "Give up and focus on reducing criminal and social deviancy," I suspect you wouldn't be considered that constructive.
posted by Clyde Mnestra at 2:06 PM on March 19, 2008


this doesn't address any of the tech aspects, as i think the previous comments are correct in that he can find a way around most measures if he is around your machine. i assume that you have already discussed this if you are in counseling together, but...

have you asked him why he spies on you? i suppose a lot of the people who hack into computers do it for the thrill of doing something illegal, or finding ways around security measures to discover secrets. perhaps if he was willing to discuss why, the activity may lose some of its thrill for him, or at least you'd know where the root of this invasion of privacy stems from.

this situation blows, but maybe it can be improved with a little old fashioned communication.
posted by evalenza at 2:47 PM on March 19, 2008


When someone has console access, it's pretty hard to prevent them from doing anything. As much as I hate it when people give responses to the effect of "you're asking the wrong question," I have to say that a marriage counselor will be far more helpful to you in this situation than a computer guru.
posted by Afroblanco at 4:14 PM on March 19, 2008


A lot of people have mentioned that your husband can do a lot if he has physical access to the computer. Perhaps this could be solved by putting your laptop in a safe when you're not using it.
posted by medusa at 5:49 PM on March 19, 2008


Here's my purely technogical answer to your question.

- buy your own laptop or handheld.

Set it up securely. That is:

- only you have an account
- the password is easy for you to remember, but difficult for your husband to guess
- set up the screensaver and powersaver to require a password if the computer hasn't been touched for 5 minutes
- use firefox and set a master password, so that your stored passwords are encrypted
- set up your user directory to be encrypted

Finally, when you are not using this computer,
- either keep it with you (in your purse, in a bag you carry), or
- store it in a place your husband does not have access to (a good friend's house or at work).

As candidate computers, I recommend ones that are small and light, so you are actually able to keep the computer with you. The iPhone isn't a bad candidate. I'd also recommend any sub-notebook (Fujitsu and Sony make some that are especially portable).
posted by zippy at 12:31 AM on March 20, 2008


I forgot to add: either use secure gmail (https access - there's a Firefox addon that forces this), or if you use a regular mail client, make sure it's set up for TLS or SSL encryption.
posted by zippy at 12:33 AM on March 20, 2008


If you do what zippy suggests, be sure to also watch out in case the security certificate for mail.google.com suddenly is no longer valid. That could be a sign that there's a man-in-the-middle attack going on.
posted by oaf at 9:49 PM on March 20, 2008


« Older The Man is turning the company...   |  Can I contribute to my Roth-IR... Newer »
This thread is closed to new comments.