Updated: 02/07/2022 by Computer Hope
Fictional Backdoor keyboard key, lifted up on one side with a ladder protruding from the hole under the key

Also called a manhole or trapdoor, a backdoor is a concealed entry point into a program or operating system that allows a user to bypass normal authentication.

Developers often create backdoors for debugging or testing purposes. For example, a programmer may insert a piece of code that allows them access to a computer or secure area using a password only they know. However, backdoors can also be inserted by attackers to gain unauthorized access, allowing them to take control of a system, steal information, or launch attacks against other devices.

How do I know if my software has a backdoor?

Unless you can view and understand a program's code, it's almost impossible to know if it has a backdoor. A security expert can determine whether a backdoor exists without code access by noticing unusual network traffic. However, using this detection method requires that the backdoor reports to its creator or is accessed remotely. If a backdoor is only made to bypass security, the expert must rely on other means, such as reviewing activity logs or watching a system's performance.

Is it safe for a government to have a backdoor?

No. Many governments, government agencies, and police argue that backdoors should be made to help them with their investigations. However, all experts agree that creating a backdoor can (and has in the past) allow others to discover and exploit the opening. Essentially, there is no such thing as a safe backdoor.

What if the backdoor was password protected?

Even if a backdoor requires a password or is otherwise protected, it's still a vulnerability. For example, if an official knew a password to a backdoor, they could share or sell that password to anyone. Once that information is shared, it can't be unshared. Even if the password was not shared, a hacker could still discover the backdoor and crack the password or find an exploit without it.

Bypass, Code, Computer slang, Easter egg, Programmer, Security terms, Spyware, Threat, Trojan Horse