FTP client on windows that save session password in encrypted text [closed]

FTP client on windows that save session password in encrypted text [closed] Filezilla or WinSCP save password in plain text which is unsecured on public machines. Is there any FTP client can save and encrypt password so that people using it only can access to FTP but not able to see password? Thanks!
Asked by: Guest \| Views: 308

Total answers/comments: 3

Comments display order:

Guest [Entry]

Eventually ends up by using WinSCP which encrypt (or hash?) password and save in registry. So it's not easy to see plain text pwd.

Guest [Entry]

If you can use the password, you can decrypt it as well, by using the same algorithm as the program uses. Even if you do not know the algorithm, you still can sniff the plain-text authentication using Wireshark.

Guest [Entry]

"If you're connecting via FileZilla's Site Manager, there's an option below the password field to prevent saving the password.

If you use Quickconnect, the password is saved encrypted in the XML file, and you can click the drop-down menu on the right and clear the history. Then the password will not be stored in the XML file.

Where is the evidence that FileZilla saves plaintext passwords?

Assuming you don't clear and empty the history, the password is only saved if you have this setting in the filezilla.xml file:

<Item name=""Last Server dont save pass"" type=""numeric"">0</Item>

This is in the FileZilla installation directory, normally under Program Files, but if you can edit the file and change the setting to 0, the last-used site's password won't be saved at all."