Master password: hide all!

Advertisement

Gamunity
Joined:
Posts:
4

Master password: hide all!

I have a master password for all my ftp accounts, which is a great protection.

However, i think it is a security vulnerability that, WITHOUT knowing this password, someone can just start WinSCP and browse through my accounts and read everything except the password. That opens the door for a brute force attack and gives info about the server that might be vulnerable.

I would prefer it to be like this: immediately after WinSCP gets started the program asks for the password (absolutley nothing can be done without it).

It would also be great if the other ftp account related info in the config file would be encrypted, too, to make the security watertight!

Thank you for your time!
A. Lind

Reply with quote

martin
Site Admin
martin avatar
Joined:
Posts:
27,253
Location:
Prague, Czechia

Re: Master password: hide all!

Thanks for your suggestion.
Will see if more people ask for this.

Reply with quote

Advertisement

You can post new topics in this forum