Bug ID: 934256
Summary: Passwords maintained by Filezilla are easily recovered
in some cases
Product: openSUSE Distribution
OS: openSUSE 13.2
Priority: P5 - None
QA Contact: qa-bugs(a)suse.de
Found By: ---
I'm testing with LaZagne:
Or in OBS @ home:gregfreemyer:Tools-for-forensic-boot-cd LaZagne
Running LaZagne under my normal user account recovered one filezilla stored
The amount of time taken was near instantaneous so I believe the password was
simply decoded, not cracked in the sense of "John the ripper".
The password was associated with a SFTP account, so it is a password I consider
needing to be kept securely.
I don't know if Filezilla simply handles passwords poorly or if it can be
compiled differently to store passwords securely.
You are receiving this mail because:
You are on the CC list for the bug.