Re: Just learned that FileZilla stores passwords in clear te
Posted: 2013-07-18 17:40
The developer said that FileZilla will never obfuscate passwords. Search the other threads discussing that topic.
Welcome to the official discussion forums for FileZilla
https://forum.filezilla-project.org/
https://forum.filezilla-project.org/viewtopic.php?f=1&t=26001
You are already prompted whether you want to store passwords when using the quickconnect bar for the first time with a non-anonymous account.Why not, simply, popup a warning message, in big, the first time a password is stored, to tell "warning, security is your entire responsibility and passwords are stored in plain text".
If there's malware on your computer that can read plaintext passwords, it can just as well intercept your master password.Why not employ an internal password vault so when we start FZ we're asked a single password that then makes access to individual entries' vault-protected passwords possible?
Only if the malware is running whilst i enter my password.botg wrote: If there's malware on your computer that can read plaintext passwords, it can just as well intercept your master password.
I wonder what percentage phishing, DDoS traffic, drive by downloads, spam and all the other internet nasties are due to people not preventing malware infections in the first place.I wonder what percentage phishing, DDoS traffic, drive by downloads, spam and all the other internet nasties are due to server passwords obtained from filezilla?
A great deal i'm sure. But neither you nor I can stop that.botg wrote:I wonder what percentage phishing, DDoS traffic, drive by downloads, spam and all the other internet nasties are due to people not preventing malware infections in the first place.