Any user being KeyCapture-logged must have been authorized by the
    system manager for KeyCapture logging since sensitive, non-echoed
    input data might be logged.

    Rights-list Identifiers are used to specify who may be logged with
    KeyCapture. The Rights-list Identifier used is KCAP$INPUT_LOGGER.

    To use KCAP/TRACK, the user must hold the Rights-list Identifier
    KCAP$INPUT_LOGGER.

    KeyCapture 5.1.14 suppresses logging of passwords entered with the DCL
    SET PASSWORD command, and for SET HOST, SET HOST/LAT, SET HOST/TELNET,
    SET HOST/DTE, and SET HOST/RLOGIN. It also suppresses logging of
    passwords for LOGINOUT.EXE and VMS's TCPIP FTP and TELNET commands.

    The programs pointed to by the VMS logicals OPENVMS$FTP, OPENVMS$RLOGIN
    and OPENVMS$TELNET are now included in the list of standard programs
    which do not log non-echoed input.

    The 5.1.14 release of KeyCapture also allows the system manager to add
    additional programs to the above list of programs for which passwords
    aren't logged. See the section in KCAP_DEFAULTS.COM concerning Special
    Images.

    PLEASE NOTE: KeyCapture will record passwords and other non-echoed
    input for programs other than the above. USE WITH CAUTION on any
    sensitive accounts or systems if you have programs other than the
    above which are password protected.

    When logging-in to another system with any of the SET HOST commands
    (including TELNET), KeyCapture does not log any characters which are
    input to the remote system. KeyCapture does log the fact that input was
    entered, but the characters themselves aren't logged. Since the input is
    going to another system, this doesn't compromise the security of the
    system on which KeyCapture is running. If the remote system is running
    VMS, KeyCapture can be used on that system to log the input without
    jeapordizing password security for the remote system.

    To protect passwords, input keystrokes are also suppressed for the
    MS_SERVER process which is used as part of NDC's MultiSessions product
    on ALPHA systems. This makes the /NOBACKGROUND and /NOSINGLE_WINDOW and
    /NOWINDOW commands obsolete for KeyCapture. (These commands remain valid
    for NDC's Peek & Spy product.) KeyCapture does record the input for each
    individual MultiSessions session.

   GREAT CARE SHOULD BE USED WHEN GRANTING USERS THE KEYCAPTURE RIGHTS-ID,
   SINCE THIS ALLOWS LOGGING OF NON-ECHOED INPUT. Precautions are taken in
   KeyCapture to avoid logging VMS passwords BUT PARTICULARLY FOR THIRD-PARTY
   SOFTWARE, THERE IS THE POSSIBILITY THAT NON-ECHOED INPUT LOGGED BY
   KeyCapture COULD CONTAIN PASSWORDS.