

Select the most appropriate option (in most cases, you’ll just want to use the “Create an encrypted file container” option – for purposes of this tutorial, this is the option that was chosen).Open TrueCrypt and press the Create Volume button.Download and install TrueCrypt (available for Windows, Mac and Linux).You can do this by following these simple steps: The other option is to encrypt the stored data yourself, using a program like TrueCrypt. The important part of this process is to throw Filezilla into “kiosk mode”, which stops it from storing any of the information from your recent connections. The first is described in a post from Stellar Web Works, in which Aidan Curran explains how to use a password management program to store your information, and send it to Filezilla automatically. However, there are two potential methods you can use to try to make things a little more secure. I would imagine that any FTP program is going to be vulnerable to various security holes no matter what and the more convenient the program is to use, the more potential holes there will be. Unfortunately, there isn’t really an ideal solution. Īs you can imagine, this poses a serious potential security risk. The format of the entries looks similar to the following. These are plain old XML files with all of the information stored in plain, non-encrypted text. Unlike a Web browser, where, if you choose not to use the password manager none of your passwords are stored Filezilla still stores all of the details from your most recent connection in a file called filezilla.xml and all of the details from your 10 most recent connections (at least, the ones you make by typing the information into the Filezilla interface which is the only way to connect if you are not using the Site Manager) in a file called recentservers.xml, even if you choose not to use the Site Manager. There are actually multiple levels of danger in using Filezilla (and, presumably, many other FTP clients).

It would be really nice to have some sort of option to encrypt the passwords, but I don’t see that happening any time in the near future. While I strongly disagree with this practice, I also understand that there are reasons not to do so. As you may or may not know, Filezilla, the extremely popular FTP client, stores all of your FTP passwords in plain text on your hard drive.
