Lightroom: Configure FTP File Transfer - encrypted password store.

  • 2
  • Idea
  • Updated 7 years ago
Presently we have:

Password: ********
[v] Store password in preset
The password will be stored in plain text.

And if you don't opt for insecure storage, you get no storage at all - and have to enter the password every single time - two yucks!!!

I'd like:
Password: ********
[ ] Store password in preset [v] Store password encrypted

i.e. option to store password in encrypted store - indexed by protocol+server+username.

This is easy enough to implement via plugin (using LrPasswords), but then one has to re-implement the entire dialog box to make it seamless, and still the user has a non-standard interface.

A native implementation would be better for plugin programmers and users alike.

Bonus idea:
---------------
Deep 6 the plain text storage altogether and auto-migrate existing passwords to encrypted store upon first opportunity.
Photo of Rob Cole

Rob Cole

  • 4831 Posts
  • 382 Reply Likes

Posted 7 years ago

  • 2
Photo of jdv

jdv, Champion

  • 728 Posts
  • 56 Reply Likes
The better solution is to ditch FTP altogether and force sFTP, with all the key management that this offers.

It isn't that terrible if the password is stored locally or not with FTP -- the password is sent over the wire in plaintext anyway.
Photo of Rob Cole

Rob Cole

  • 4831 Posts
  • 382 Reply Likes
FTP needs to be supported, and having the password stored on the machine in plain text is bad, bad, bad (hint: wire sniffers are not the problem).
Photo of Rob Cole

Rob Cole

  • 4831 Posts
  • 382 Reply Likes
btw, SFTP passwords are *also* being stored in plain text format.
Photo of Rob Cole

Rob Cole

  • 4831 Posts
  • 382 Reply Likes
The red text color for the warning is a nice touch, so users can know to be worried, but having to enter a password every time is not a satisfying alternative.