I don't know if the passwords are already encrypted or not, but in both cases this should be improved.
I had a virus last sunday and afterwards in four FTP root directories, all stored ONLY in SmartFTP, a file called "ftpchk3.php" and "ftpchk3.txt" was found. Everytime uploaded from a different IP.
Edit: If you ask, what this has to do with SmartFTP, here some clear words: There is a virus, which reads login data explicitly from SmartFTP.
Edited by King555, 07 March 2008 - 08:19 PM.