Opened 16 years ago

Closed 16 years ago

Last modified 11 years ago

#4565 closed Feature request (rejected)

Encoding passwords

Reported by: René Diepstraten Owned by:
Priority: normal Component: FileZilla Client
Keywords: Cc:
Component version: Operating system type:
Operating system version:

Description

I'd like the passwords in recentservers.xml and sitemanager.xml
to be encoded. Lately, quite a few trojan horses harvest FTP logins for mass infection of websites.
I think it's necessary to make ftp login harvesting as hard as possible, thus encryption of passwords seems much needed.

Change History (2)

comment:1 by Tim Kosse, 16 years ago

Resolution: rejected
Status: newclosed
  • Obfuscation, simply does not work.
  • Encryption, requires user to enter password. In this case, why store at all? Use Ask logon type in sitemanager
  • Friends and coworkers accessing your system and reading your files: Such people are not your friends. Use full disk encryption and disallow others to use your computer
  • Trojan infection, if infected you cannot trust your computer, the trojan is more powerful than you, the user. You need to prevent infection.

Conclusion: The weakest link is the overall security of the operating system. A (security) chain is only as strong as its weakest link. On a secured computer plain text passwords are secure.

comment:2 by Alexander Schuch, 11 years ago

This is a duplicate of #2935.

Note: See TracTickets for help on using tickets.