Can I recover password stored in WinSCP session?

Yes you can. And in fact anybody with access to your computer can do it too. That’s why you should NEVER store your password to WinSCP session without using master password. Read more about security of stored credentials.

Advertisements:

One way is to recover your password is enabling a password logging in preferences. See Log passwords and other sensitive information preference option. Then inspect the session log file to find the stored password.

. 2015-07-02 18:44:56.823 --------------------------------------------------------------------------
. 2015-07-02 18:44:56.823 WinSCP Version 5.7.4 (Build 5553) (OS 6.3.9600 - Windows 8.1)
. 2015-07-02 18:44:56.823 Configuration: HKCU\Software\Martin Prikryl\WinSCP 2\
. 2015-07-02 18:44:56.823 Log level: Normal, Logging passwords
...
. 2015-07-02 18:44:56.823 --------------------------------------------------------------------------
. 2015-07-02 18:44:56.823 Session name: My server (Site)
. 2015-07-02 18:44:56.824 Host name: example.com (Port: 22)
. 2015-07-02 18:44:56.824 User name: martin (Password: mypassword, Key file: No)

You can also abuse a Generate URL function to retrieve the saved password. Note that special symbols in the password may get URL-encoded, see a decryption key.

Remember, once you recover your password, change it to a new one, and DO NOT store it again!

If you want to continue storing your password, protect it by master password.

 
  faq_password.txt · Last modified: by prikryl
 

Search Documentation

This page

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

Associations

Site design by Black Gate