SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Member DickTurpin's Avatar
    Join Date
    Nov 2012
    Posts
    4
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Thumbs up Best way to store a big amount of password while maintaining security

    Hello everybody,

    One of my websites was recently prey of a vicious attack of malware, I've already cleaned it up and is back-up again, seems like the cause was the Filezilla client stored credentials, that the attacker used to get access to the site directory and upload the corrupted files.

    Now I need to know what is the best way to store a big amount of credentials (FTP's, databases creds, admin passwords, etc)?

    I've been storing all my password on a password protected WORD document stored on cloud service, what you guys think about this method? and is there any better you recommend?

    Thanks in advance, I'm kinda new to managing websites and i'm trying to get my way around things the best as possible and learn the most I can (in the shortest period of time XD) .

  2. #2
    SitePoint Author silver trophybronze trophy
    wwb_99's Avatar
    Join Date
    May 2003
    Location
    Washington, DC
    Posts
    10,625
    Mentioned
    4 Post(s)
    Tagged
    0 Thread(s)
    Use one of the thousand or so password safe products out there. Lastpass, keeppass, onepassword come to mind. Personal favorite of mine is Secret Server, their cloud option is free for a single user.

  3. #3
    SitePoint Addict
    Join Date
    Apr 2009
    Posts
    357
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    If you're using filezilla make sure you keep stored credentials safe. Filezilla client stores any site login credentials in plain text, and it's up to you to protect the stored info.
    Doug G
    =====
    "If you ain't the lead dog, the view is always the same - Anon

  4. #4
    . shoooo... silver trophy logic_earth's Avatar
    Join Date
    Oct 2005
    Location
    CA
    Posts
    9,013
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    FTP sends the credentials in plain text over the network anyways, making it pointless.
    Logic without the fatal effects.
    All code snippets are licensed under WTFPL.



Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •