Why FileZilla Secure?
tl;dr at the time I started this project, FileZilla® did not encrypt saved FTP passwords and I got hacked, so I decided to implement it on own. Now Filezilla® has also decided to support encrypted passwords.
I've been a web developer for a while now and like most web developers I use FTP, a lot. I used, and loved, FileZilla®. It was intuitive, fast, and free. Plus it saved all my logins and passwords for me which made managing the dozens of sites I looked after much much easier.
Everything was fine for years until one day all of the websites I managed were hacked, filled with malware, and blacklisted from Google on the same day. How could this be?
I soon discovered that FileZilla® was storing all my passwords in a plain text file on my computer, and knowing this, malware authors and hackers are targeting this file. All it took was for me was to visit a website that had been compromised, the malware got into my system through some sort of browser exploit, and within seconds someone somewhere suddenly had access to all of my websites.
After spending almost a week trying to clean up this mess I was determined to never let this happen again. What could be done to prevent this? Other programs that save sensitive information like Firefox, Chrome, Bitcoin, and others use a master password to encrypt and protect your information. This way if someone gets a hold of your password file they won't be able to read it without the master password.
Adding master password functionality is the #1 requested feature for FileZilla®. Unfortunately the author of FileZilla® refuses to add this feature, insisting that it is the responsibility of the OS to protect your files. While I can see his point, the harder I make it for hackers the better as far as I am concerned.
So despite loving FileZilla® I switched to WinSCP which has master password support. It was slow and the interface was horrible but what could I do? I couldn't risk getting hacked again.
After much frustration I finally decided to modify FileZilla® and add the master password support so that I and others could once again use the FTP client I love without risking everything.
Bonus: More Speed!
The maximum number of transfer threads has been increased from 10 to 1000! While 1000 is not recommended 20, 50, and even 100 threads has been shown to work and has increased transfer speeds by over 5x.