Opened 12 years ago
Closed 7 years ago
#7914 closed Feature request (fixed)
Encryption Pass in sitmanager
| Reported by: | DownPlex | Owned by: | |
|---|---|---|---|
| Priority: | high | Component: | FileZilla Client |
| Keywords: | Cc: | dhasekarin@… | |
| Component version: | Operating system type: | Windows | |
| Operating system version: |
Description (last modified by )
Hello,
Today i have 1 question
Why you do not encryption passwords save in sitemanager
See this screenshort:
Change History (2)
comment:1 by , 12 years ago
comment:2 by , 7 years ago
| Description: | modified (diff) |
|---|---|
| Resolution: | → fixed |
| Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
On Windows, this would be pretty easy by using CryptProtectData and CryptUnprotectData from the Cryptography API (see http://msdn.microsoft.com/en-us/library/windows/desktop/aa380261%28v=vs.85%29.aspx and http://msdn.microsoft.com/en-us/library/windows/desktop/aa380882%28v=vs.85%29.aspx).
But as this prevents easy synchronization of sitemanager.xml between multiple systems, this should be made optional.
If the developer is not able or willing to implement this feature (which is obviously the case - I'm not trying to understand it...), I am seriously thinking about doing it myself when I find the time for it and contribute a patch; thank God it is open source software ;-) it wouldn't bee too difficult for me.
On Linux, I see no need for password encryption as Linux is not that vulnerable and most Linux users "know what they do". In fact many Linux applications (esp. "classic" command line software) do not encrypt passwords (even on Linux servers, many configuration files contain plain text passwords) - they rely on the OS. But most Windows applications do, and the developers know why ;-)...