Jump to content


Integration with password managers

  • Please log in to reply
2 replies to this topic

#1 iandunn

  • Members
  • 7 posts

Posted 30 April 2011 - 03:47 PM

Last year my computer got infected with a virus and it stole the passwords I had saved in SmartFTP for about 100 FTP sites. It then logged into all of those sites and infected dozens of files on each site with trojans. It took me two weeks to clean everything up. I'm not the first person this has happened to, either (1, 2, 3).

Since then I've stopped saving passwords in SmartFTP completely, but now it's a pain in the ass to have to type the password in each time I connect to a site. It'd be a huge improvement if SmartFTP could integrate with some of the popular password managers, like KeePass and 1Password. That way, passwords could be stored securely in a central location and automatically filled in. Web browsers are already doing this.

Yes, there would still be other ways to steal the passwords, but that's not a good reason to avoid doing this. You lock your doors even though a thief can always just break a window...

Edited by iandunn, 30 April 2011 - 03:50 PM.

#2 mb



  • Administrators
  • 11935 posts
  • Gender:
  • Location:

Posted 30 April 2011 - 05:20 PM

There are actually plans for this. But if you care about security you shouldn't use plain-text passwords in the first place. Instead use certificates (with a private key, non-exportable) stored in the Windows cert store. Once your computer is infected, all password can be extracted from any FTP client with very little effort, regardless of the way they are stored.

#3 iandunn

  • Members
  • 7 posts

Posted 03 May 2011 - 01:43 PM

Thanks, I'm glad to hear it's being worked on :o

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users