On Thu, Jun 28, 2012 at 12:35 PM, Shane Johnson <s...@rasmussenequipment.com> wrote:
> > Please remember that FTP by nature is insecure. All it would take is > for someone to packet sniff the connection and they would have the > user name and password to the account as they are transmitted in plain > text. Yes, this is all correct. However filezilla does sftp as well and SFTP session passwords are also saved in this plain text file as a human readable password. That typically translates to SSH access. In case this is lost on anyone, we are NOT talking about sniffing, but drive by malware reading a plain text file on the client OS containing the password. Even if you do not check the box for saving the password, the most recent entered password is saved there. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CA+AKB6ExyFTWPjq=jmqkjsqjxhxqqwcb-naikn9u10h0jt0...@mail.gmail.com
