Enhance Password Security
|Reported by:||Make-It-Better||Owned by:|
|Component version:||Operating system type:|
|Operating system version:|
FileZilla is a great tool and I have seen the former arguments to refuse the improvement of Password Security and I understood them fully.
Yes, it is not possible to have a tool that is 100% secure. But the point is to have a tool that is as secure as possible with respect to functions and usability.
The argument against a master password was, that an intruder or malicious code could capture the master password entry "as easy as reading out the config with the stored passwords".
Is it really exactly the same?
No, it isn´t.
The probability for an intruder or malicious code to successfully read out the config is much higher then the probability to stay undiscovered in the system (for hours, days or weeks) an then be able to successfully capture the entering of a master password and then read out the passwords.
So FileZilla would with a small improvement be much more secure than today!
So please think over the old convictions and PLEASE add a Master Password to FileZilla to protect the FTP-account passwords in a better way than today.