FTP Site Manager - Passwords *not* encrypted
Moderator: Project members
Again, we're getting back to cost. Even if you could encrypt the XP OS drive (which you can't) it would add a ton of administrative overhead and decreases performance on the drive. Plus, in my company that would not fly because passwords get forcefully reset often.
You could encrypt just the App Data\FileZilla folder but even that would create Administrative overhead.
You could encrypt just the App Data\FileZilla folder but even that would create Administrative overhead.
dashing fine quip there :Dbotg wrote:If you see a couple of flower people protesting to legalize certain drugs, do you see the majority of the population protest against it at the same time? No? Thought so. Yet by your logic, the few protesters would be the majority.In the discussion that you locked, it was clear that the majority were requesting encrypted passwords. Why would you not want to meet the overwhelming requests by your users? That will only muddy your reputation and in the end devalue this project.
I was moderately annoyed by this, but this thread removed my doubts.
-
- 500 Command not understood
- Posts: 1
- Joined: 2007-09-24 11:14
I agree with that, but probably some people won't like to remember a password, so I'ld implement Master Password feature as a security option.You are assuming that FileZilla should use a hard-coded password or encryption key. You should never do that in a program. What you should do, is ask the user for a Master password.
Great work m8
-
- 500 Command not understood
- Posts: 1
- Joined: 2007-09-26 21:44
- Location: California
RE: Passwords *not* encrypted
I agree with jaycent, LPG_Seawalk and others. An encrypted password database would be the best way to go. How does Firefox do it? They have a password manager, and you have to enter a Master Password to get to the passwords it stores. Is that piece of code (Password Manager) available to the FileZilla developers? Just a thought.
johan
johan
Haha! This is a funny topic! Guys!
All the logins are protected with a secure master password with knobs on, it's called your "user account", and in computing terms, it's about the safest environment you have. Your user folder is sacred, only you are in there. You don't let other people access your personal desktop, right?
It's quite common for UNIX users to have all their ftp logins in a plain text ~/.netrc file, chmod 600, bingo!
Even windows has now adopted the concept of individual users, and NTFS offers a host of security features; we simple have to use them, and also common-sense, without which our computer and its data are fair-game.
And if you aren't using SFTP, this whole argument is effete; you are chucking your passwords into the public domain every day.
Anyway, I just found the whole thing amusing, because when I opened up the xml file and saw my passwords in plain text, I said "Cool!".
;o)
(or
All the logins are protected with a secure master password with knobs on, it's called your "user account", and in computing terms, it's about the safest environment you have. Your user folder is sacred, only you are in there. You don't let other people access your personal desktop, right?
It's quite common for UNIX users to have all their ftp logins in a plain text ~/.netrc file, chmod 600, bingo!
Even windows has now adopted the concept of individual users, and NTFS offers a host of security features; we simple have to use them, and also common-sense, without which our computer and its data are fair-game.
And if you aren't using SFTP, this whole argument is effete; you are chucking your passwords into the public domain every day.
Anyway, I just found the whole thing amusing, because when I opened up the xml file and saw my passwords in plain text, I said "Cool!".
;o)
(or
nothing is foolproof to the sufficiently talented fool
-
- 226 Transfer OK
- Posts: 619
- Joined: 2005-11-02 06:41
If encryption is really a problem, add a logon or logoff script that runs:
cipher.exe /e /a /s:"%appdata%\FileZilla"
FileZilla is an FTP client. It's not a secure password database, nor a data encryption database. Honestly, the tools are already there. Use NTFS encryption or use the KeyPass method. Or teach your users to remember passwords.
Alternately, if it's really a problem, fork FileZilla and rewrite it to use an encrypted DB for password storage. If you're an enterprise, you can probably afford to do that with staff you already have. Or maybe contract botg to make the change you need, if he's willing. It's GPL licensed. Leverage that. You don't even have to publish the code if you're not going to distribute it.
Or just purchase an FTP client license that meets your security requirements.
cipher.exe /e /a /s:"%appdata%\FileZilla"
FileZilla is an FTP client. It's not a secure password database, nor a data encryption database. Honestly, the tools are already there. Use NTFS encryption or use the KeyPass method. Or teach your users to remember passwords.
Alternately, if it's really a problem, fork FileZilla and rewrite it to use an encrypted DB for password storage. If you're an enterprise, you can probably afford to do that with staff you already have. Or maybe contract botg to make the change you need, if he's willing. It's GPL licensed. Leverage that. You don't even have to publish the code if you're not going to distribute it.
Or just purchase an FTP client license that meets your security requirements.
-
- 504 Command not implemented
- Posts: 7
- Joined: 2007-09-07 18:25
The problem that many enterprises might have is in the use of roaming profiles.
So even though the workstation itself might be secured, the profile is copied back up to the network at logoff. This profile share is usually accessible by backup administrators, server support staff, desktop administrators, etc. In any given organization, you might have 5-10 IT support staff who can browse roaming profiles.
I understand and support all the arguments made here as to why FileZilla does not encrypt the passwords. I also understand that the old filezilla.xml could be easily decrypted. However, sometimes even the smallest level of obfuscation helps to keep the honest people honest.
It's a lot like putting locks on your doors, installing an alarm, and getting motion sensor lights. Yes, all of these things can be ultimately defeated by somebody experienced....but each measure is just enough of a deterrent to discourage most attempts. Will they keep a professional burglar out? No. But they just might keep the punk down the street from trying to break in....and most of the time, that's what we're worried about.
So even though the workstation itself might be secured, the profile is copied back up to the network at logoff. This profile share is usually accessible by backup administrators, server support staff, desktop administrators, etc. In any given organization, you might have 5-10 IT support staff who can browse roaming profiles.
I understand and support all the arguments made here as to why FileZilla does not encrypt the passwords. I also understand that the old filezilla.xml could be easily decrypted. However, sometimes even the smallest level of obfuscation helps to keep the honest people honest.
It's a lot like putting locks on your doors, installing an alarm, and getting motion sensor lights. Yes, all of these things can be ultimately defeated by somebody experienced....but each measure is just enough of a deterrent to discourage most attempts. Will they keep a professional burglar out? No. But they just might keep the punk down the street from trying to break in....and most of the time, that's what we're worried about.