Comments on: Warning: FileZilla FTP Passwords now Stored in Plaintext

By: Claudio

Claudio — Sun, 08 Apr 2012 04:46:37 +0000

Thanks for share! You save my day!

By: Anonymous

Anonymous — Sun, 12 Feb 2012 17:45:28 +0000

Awww fail security experts are fail.

Anything else with a save password box is just as big a risk you tools.

Complaining about getting your ftp password is like complaining about getting the clap from your $5 hooker.

By: slotenmaker

slotenmaker — Sat, 26 Nov 2011 09:39:23 +0000

I am not gonna stop using FileZilla at my primary FTP client, but this is really good to know.
Maybe remove the XML file each time ?

By: At Least Take Me to Dinner First | An Utter Waste of Time

At Least Take Me to Dinner First | An Utter Waste of Time — Mon, 29 Aug 2011 02:54:15 +0000

[...] http://unsharptech.com/2008/05/20/filezilla-ftp-passwords-stored-in-plaintext/ [...]

By: Alvaro Gomez

Alvaro Gomez — Fri, 26 Aug 2011 06:09:18 +0000

Thanks it really helped

By: shreya

shreya — Wed, 03 Aug 2011 05:27:01 +0000

Hello,
I usually access confidential data as a part of my job.
But once i had accessed an FTP site using FireFTP using mozilla firefox on someone else’s machine with remember password enabled. But later I deleted that account. Is there any possibility of recovering that account by that person, & which are the locations where the password for that account can be stored.
I am really worried because this can lead to huge loss. Please help, Its very urgent so that i can take some action.

By: David Hervieux

David Hervieux — Mon, 28 Mar 2011 01:38:18 +0000

Hi,
You can use Remote Desktop Manager to store your password safely for Filezilla. The Enterprise Edition also support to supply automatically your KeePass credentials to Filezilla.

http://remotedesktopmanager.com/

By: Julian

Julian — Fri, 28 Jan 2011 15:06:32 +0000

Hi,

just to let you know what can happen due to this vulnerability: http://www.phpbb.com/community/viewtopic.php?f=46&t=2118751

this is just one of many examples over the past week.

I’m glad it didn’t happen to me yet and I kicked filezilla off my computer and will use WinSCP from now on.

greetings

By: Dilip Gupta

Dilip Gupta — Mon, 15 Nov 2010 10:27:39 +0000

Hey Boddy….

I am using win2k server. I have searched the files u mention but unable to get the files filezilla.xml. Can u any one please suggest me to get store ftp server pawword to retreave from filezilla firefox.

Regards
Dilip Gupta

By: Aidan

Aidan — Thu, 23 Sep 2010 05:43:24 +0000

My Solution is to use KeePass (a free open source password manager) to store all the connection details instead of using FileZilla’s site manager. KeePass has some automation features that then allows me to fire up FileZilla and log in to the FTP site. I can even use it to set local and remote directory paths. Here’s how I set it up:
http://sww.co.nz/an-alternative-to-storing-passwords-in-filezilla-or-other-ftp-clients/

Cheers,
Aidan