Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

martin

Re: security issue

I do not know anything about your network. But it is quite common that your profile (including WinSCP sesttins) is stored on network servers and it is accessible for you from any desktop connected to the network.
Guest

Re: security issue

martin wrote:

Sorry, I do now understand what you mean by "the installed version contained my saved session, with the password". If you have copied your configuration, then you have copied your password too. That's natural.


Certainly. What I mean is something different: I installed winscp on 2 computers located in the
same office and not connected to each other.
I first installed it on PC1 and saved a session
with the password. Then I shut down PC1, powered up
PC2 and installed winscp on it. When the installation
was completed, the session saved on PC1 was already
present on PC2, complete with the password.
Once again, I did not input or save this session
on PC2; it just came in from the internet together
with the application.
martin

Re: security issue

Sorry, I do now understand what you mean by "the installed version contained my saved session, with the password". If you have copied your configuration, then you have copied your password too. That's natural.
umd

security issue

I installed WinScp on a PC and stored
a session with a password.
When I installed it on a laptop using
the same internet connection (but
a different IP, clearly), the installed
version contained my saved session,
with the password.
This is truly scary: how is this
possible at all?
Has my password been compromised?