encrypt websites data, irrespective of application password
|Reported by:||raanan barzel||Owned by:|
|Component version:||Operating system type:|
|Operating system version:|
Five years ago (Ticket #4565) this request was rejected, with the conclusion "On a secured computer plain text passwords are secure".
There is no such thing as a secured computer, and recent events prove this without doubt.
If you trust your door lock, then you may conclude that you dont need to lock drawers, but in reality you do: you are protecting at different levels; you may want your kid not to have access to the drawer but you still give him a key to your house. The drawer lock may not be foolproof, but it does deter from prying.
Website data needs a drawer-level security.
Stating that "A (security) chain is only as strong as its weakest link" does not mean that making things more difficult to an intruder is useless.
I wish the developers take a different stand on this issue. Until then, I will replace FileZilla with a client more respectful of this point of view.
Change History (5)
comment:2 by , 9 years ago
|Status:||closed → reopened|
|Summary:||encrypting site data → encrypt websites data, irrespective of application password|