FileZilla & Plaintext Passwords

aimeeandbeatles

watermelon
Joined
Apr 5, 2007
Messages
20,112
Just yesterday I realized that FileZilla stores its passwords in plain-text. That alarmed me. I went on the FileZilla board to see if there was an option to encrypt it or something, but ... let's just say the developer is a bit stubborn and nasty about not implementing it (just read any of the threads on the google list.).

So anyways, I had three options:
1. Ignore it and continue to use FileZilla.
2. Find an alternative.
3. Find a way to use FileZilla safely.

Anyways, the first option isn't that good, because there are viruses out there that actually exploit the fact that FileZilla keeps its passwords in plain-text. I'm careful with security but, IMO, it's too big a risk.

The second one I tried. I found WinSCP. It's nice in its own right, and I'm keeping it, but it's not quite what I need.

Anyways, the third option. First off, not saving the passwords at all would be a pain because my short memory span means I'd have to keep looking them up.

I thought for a while about installing FileZilla in a Linux VM. But then I realized that was a little silly.

Then I thought some more and then I remembered TrueCrypt. So anyways I installed TrueCrypt and made a 20 MB volume (actually I tinkered around with the size to get it to work right) and put a copy of portable FileZilla in there. Then in the start menu I created a shortcut to mount the volume (it asks for a password first). And then when it does that I can launch FileZilla. And when I'm finished I close it down and it's encrypted again.

And what's more, I thought of that all myself. Other people have done it too when I googled it. I'm not sure if it's a case of great-minds think alike or if I might have actually read it some years ago without actually remembering but it's a nice solution.
 
EDIT: I forgot to add it. Here's the shortcut syntax for the TrueCrypt. I keep both the portable TrueCrypt & the encrypted file in Dropbox so I can use it on my other computers. The parts you need to edit for your own are in bold.

D:\Documents\Dropbox\PortableApps\TrueCrypt\TrueCrypt.exe /q background /auto /letter "Z" /v "D:\Documents\Dropbox\PortableApps\FileZilla Portable\FileZilla.tc"

Z is the drive letter. I just picked it so there's less likely conflicts.
 
Just yesterday I realized that FileZilla stores its passwords in plain-text. That alarmed me. I went on the FileZilla board to see if there was an option to encrypt it or something, but ... let's just say the developer is a bit stubborn and nasty about not implementing it (just read any of the threads on the google list.).

In my experience (reporting a bug in FileZilla where it incorrectly calculates file modification times in certain cases), the developer is extremely stubborn and nasty in general. I ended up just giving FileZilla the boot and using WinSCP instead.
 