FileZilla Password Hack – Retrieve the domain login credentials stored in FileZilla Site Manager!

This’s a very beginner tip. But I thought this could be worthwhile to share for those who don’t know.

If you ever forget your password to your domain after setting it up on FileZilla, don’t fret. You can retrieve your password just easily enough.

Go to your AppData folder. For me, it’s at here. See the screenshot.

C:\Users\Robin Mathew Rajan\AppData\Roaming\FileZilla

 

AppData Folder

AppData Folder

Conversely, you can also type %AppData% to quickly go into that folder. And thereafter, go to Roaming>FileZilla folder as you can see in the screenshot.

 

RUN Dialog Box

RUN Dialog Box

In the FileZilla folder, all files are XML files except one. For this tutorial, we need only one file. And that is the sitemanager.xml. Open that XML file with any of your favourite text editors. My favourite is NotePad++. After opening it, you can see your domains that you configured in the FileZilla earlier. And you can also see its passwords under the <Pass> </Pass> string.

Although it’s easy to retrieve the old passwords like this way, it also exposes security vulnerability of FileZilla password management. These passwords are not in the encrypted format. That means these are in ‘clear text’. So it’s wise to use any cryptographic utilities like TrueCrypt, to encrypt your system drive. If the complete encryption of your system drive seems non-feasible to you, use the portable version of FileZilla and place all the contents in an encrypted file container.

Note: TrueCrypt is safe to use. Although the official site says otherwise, I don’t believe it.

Copyright: Text is licensed to Robin Mathew Rajan under the Creative Commons Attribution-ShareAlike 3.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/.

Creative Commons Attribution-ShareAlike 3.0 Unported License

Creative Commons Attribution-ShareAlike 3.0 Unported License

Leave a Reply