Re: FileZilla 3 development diary
Posted: 2017-05-26 23:13
Did you check the "Remember" checkbox?
Welcome to the official discussion forums for FileZilla
https://forum.filezilla-project.org/
Why the snide comment?botg wrote:I'm glad you like a feature that doesn't even increase security.
To me this sounds like the feature will at least increase usability without compromising security.botg wrote:Incidentally, this functionality is indistinguishable from not storing passwords at all from a security perspective.
But it does. It is much easier for malware to just wait until some date in the future, and silently read the password file. This could be hidden in any kind of program, it doesn't even have to be continuously active or run in the background or do anything. And it doesn't depend on FileZilla running or the user doing anything FTP related. A program can just wait until whenever it's being run after some date in the future, and steal the passwords.botg wrote:I'm glad you like a feature that doesn't even increase security.
Will be fixed in the final release.boco wrote:When connecting to the server from the Site Manager, there is no "Remember" checkbox.
A master password does not offer any additional security. It is no more secure than not saving passwords at all, functionality that has already been in FileZilla for many years.kazimir_ wrote:But it does.botg wrote:I'm glad you like a feature that doesn't even increase security.