I was able to reproduce this FileZilla behavior using 3.7.0.2 on Windows 7. I recognize FileZilla is behaving as designed, but wish to assert that this design should be changed.
Description of the Behavior:
1. In FileZilla's quickconnect bar, the user fills in Host:, Username:, Password:, and Port: and then clicks on Quickconnect.
2. FileZilla displays a "Remember passwords?" dialog if this is the first time the Quickconnect feature has been used. The user can easily misunderstand that this dialog is specific to the particular host being quickconnected, but it is not, and the consequences are dire. This dialog controls password policy application-wide and will erase all passwords for all sites if "Do not remember passwords" is chosen.
The dialog has the following text:
Remember passwords?
Would you like FileZilla to remember passwords?
When allowing FileZilla to remember passwords, you can reconnect without having to re-enter a password after restarting FileZilla
- Remember passwords
- Do not remember passwords
3. The user, easily misunderstanding that this dialog applies only to the host s/he has just specified in the quickconnect bar, chooses "Do not remember passwords" and clicks "OK".
4. FileZilla proceeds to delete each and every password in all the sites defined in the Site Manager, resetting all of their Logon Types to "Ask for password", then later writes FileZilla's sitemanager.xml file, replacing the previous file, making the loss of all site passwords permanent.
It also sets the checkbox Edit > Settings > Interface > Behavior > Do not save passwords and saves that accordingly.
Design change requested
I think, and from this forum thread I think many others would agree, that the current status is undesirable UI design: During a site-specific action, there appears a dialog driving an arguably unrelated application-wide action with dire consequences of erasing all passwords for all sites without proper warning.
My preferred design change would simply be to remove the application-wide dialog from the Quickconnect process. Replace it with nothing, or replace it with a site-specific dialog, specific to the particular host being quickconnected.
If the developers see a need to have the user make an application-wide decision when using Quickconnect, then at least 1) Add a clear warning, and 2) Add an "Are you sure?" confirmation dialog before erasing all user-stored passwords.
Thank you,
Kevin