dickturpin — 2012-11-16T21:58:15-05:00 — #1
One of my websites was recently prey of a vicious attack of malware, I've already cleaned it up and is back-up again, seems like the cause was the Filezilla client stored credentials, that the attacker used to get access to the site directory and upload the corrupted files.
Now I need to know what is the best way to store a big amount of credentials (FTP's, databases creds, admin passwords, etc)?
I've been storing all my password on a password protected WORD document stored on cloud service, what you guys think about this method? and is there any better you recommend?
Thanks in advance, I'm kinda new to managing websites and i'm trying to get my way around things the best as possible and learn the most I can (in the shortest period of time XD) .
wwb_99 — 2012-11-17T16:37:18-05:00 — #2
Use one of the thousand or so password safe products out there. Lastpass, keeppass, onepassword come to mind. Personal favorite of mine is Secret Server, their cloud option is free for a single user.
doug_g — 2012-11-17T21:55:34-05:00 — #3
If you're using filezilla make sure you keep stored credentials safe. Filezilla client stores any site login credentials in plain text, and it's up to you to protect the stored info.
logic_earth — 2012-11-17T22:33:16-05:00 — #4
FTP sends the credentials in plain text over the network anyways, making it pointless.