Use touch screen instead.
(or just don't use your computer)
That doesn't have any affect whatsoever. Just because you don't have a physical keyboard doesn't mean you are immune to key loggers. The on screen touch still shows the same data input & output as you would if you had entered the data as a physical keyboard.
Try to avoid downloading things you dont trust for the internet first of all. Second make sure that you have a back up anti virus like AVG.
You don't need to install anything to stop hidden downloads, so you don't have to clog up your computer with yet another anti virus. It takes around 3 lines of code to block downloads from anywhere, this code is external from the browser because, it means an attacker would have a far more difficult job turning it on/off unlike the ones that are located in some browsers. Of course as long as you are receiving data from being connecting to the internet you are still vulnerable.
So what kind of security software do you use then?
He probably uses CS or what I like to call common sense, sometimes people touch on intelligence too, rarely but they do.
this way you don't have to type them in and a keylogger can't do anything really
I'm unfamiliar with Lastpass these days, but you used to have to copy to the clipboard which indeed can be monitored by keyloggers. Also, the auto type which some offer I know keepass does can also be intercepted by keyloggers.
Conclusion: Password managers are basically for people who have a lot of passwords which they tend to forget (I do this all the bloody time) or people who want ease of use simply by coping it without having to type anything. Although, they do have some security with them, it's not 100% foolproof and relatively easy if targeted. All of them require either you copying to clip board, showing the password in plain text (
) or them auto filling for you, which can be captured.
-Use a Linux system.
-prevent hidden downloads.,
-Only use password managers for ease of use, don't store anything like bank accounts etc.
-Sure use a firewall & anti virus if you want and feel more secure.
-Don't download shit you haven't verified via certain methods. E.g: Checksum can be used in certain circumstances.
-No script, Http everywhere, flash disabled & java script turn off are all your friends.
-Set up a logging system, so you can monitor exactly what's going on & when things happened on your computer.