Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

martin

Re: Settings master password does not encrypt session passwords from old storage

Thanks for your opinion.

Well, I do not really agree. One might intentionally have multiple WinSCP configurations. And they should stay separated. Though I understand that the behaviour might be unexpected to some. So maybe some warning would be appropriate.
Baumi1990

Settings master password does not encrypt session passwords from old storage

Example:

WinSCP-User used Windows registry as storage before switching to INI file. After switching to use INI the user sets a master password. The passwords in the INI file are now encrypted with AES while passwords in the registry are not. So even though the user set a master password, thinking his passwords are safe, they are still easily decryptable from the registry.

While it is possible to encrypt the old storage by changing the configuration storage to Windows registry press OK and switch back to the new storage, setting a master password should automatically encrypt the old and new storage in my opinion.