Re: Windows Explorer may expose FTP passwords in plaintext
- From: "Alun Jones" <alun@xxxxxxxxxxxxx>
- Date: Mon, 21 Jul 2008 07:59:46 -0700
"Steve Riley [MSFT]" <steve.riley@xxxxxxxxxxxxx> wrote in message news:54DDFAE8-FFB4-4602-A4E1-ED414741F121@xxxxxxxxxxxxxxxx
I look at it this way... in the particular case of unencrypted FTP URLs, since the "userid:password" portion of the URL will be logged in cleartext in plenty of places besides the user's own profile, I don't see that there's much additional risk here.
I look at it this way... in the particular case of unencrypted FTP URLs, browsers - Internet Explorer included - have been woefully remiss in displaying and storing something that they know to be a password.
Perhaps it'd be a good idea to secure all of those places before implementing FTPS.
Alun.
~~~~
--
Texas Imperial Software | Web: http://www.wftpd.com/
23921 57th Ave SE | Blog: http://msmvps.com/alunj/
Woodinville WA 98072-8661 | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(425)807-1787 | Try our NEW client software, WFTPD Explorer.
.
- References:
- Windows Explorer may expose FTP passwords in plaintext
- From: Brian Knittel
- Re: Windows Explorer may expose FTP passwords in plaintext
- From: Stefan Kanthak
- Re: Windows Explorer may expose FTP passwords in plaintext
- From: Steve Riley [MSFT]
- Re: Windows Explorer may expose FTP passwords in plaintext
- From: Alun Jones
- Re: Windows Explorer may expose FTP passwords in plaintext
- From: Steve Riley [MSFT]
- Windows Explorer may expose FTP passwords in plaintext
- Prev by Date: Re: Biometrics
- Next by Date: Re: POSSIBLE HACK...PLEASE, PLEASE HELP!
- Previous by thread: Re: Windows Explorer may expose FTP passwords in plaintext
- Next by thread: Re: Windows Explorer may expose FTP passwords in plaintext
- Index(es):
Relevant Pages
|
