Master password

My suggestion is to allow the master password to be input from another source such as a parameter which in itself is stored in an encrypted parameter file instead of always via the keyboard every time Win scp is started. Trojans or viruses acting as keyword or clipboard-loggers are much more common than hooking into process startup. I know this is circuitous but the source key for the parameter file could be the master password too, once you have entered the master password it uses itself as the key to encrypt itself.

Key logging on Windows is so prevalent that my suggestion is preferable to typing plain text each and every time I start up Winscp.

Sorry, I'm not sure if I understand the idea. You want to store the master password into a file protected by another master password? Where do you get the latter one from?

martin wrote:

Sorry, I'm not sure if I understand the idea. You want to store the master password into a file protected by another master password? Where do you get the latter one from?

My explanation was confusing, it was late...

When you enable the master password the very first time, and you request the master password to be stored in the parameter file then WinSCP would use an internal key to allow decryption/decryption of the parameter file. That key would not be typed in plain text but would be known only to WINscp and possibly contained within the binary. Heavily obscured and unique to each Winscp installation.

WsFTP does something similar, all the passwords are encrypted but you do not supply a plain text master password as WsFTP has its own master key. WsFTP isn't open source and I think the key can be stored in the binary. I do not know whether the WsFTP key is unique to the installation, I suspect it isn't.

OK, I suppose it is not that secure - but it could be better defence to key loggers than typing a plain text master password every time. Whether you think it is secure or not depends upon what you are trying to protect yourself from.

My problem is that I open and close Winscp several times a day and each time I have to type the master password. Lots of opportunity for a key logger to get access.

What about encrypting the passwords with private key and utilising Pageant to avoid entering the the key passphrase every time WinSCP is started?

That's an idea and I'll have a look at it.

How's this for a return idea? Once WinSCP has been run and a password entered then it minimises itself to the system tray and stays in memory, retaining the passwords. There would be no need for pageant.

yereverluvinunclebert wrote:

How's this for a return idea? Once WinSCP has been run and a password entered then it minimises itself to the system tray and stays in memory, retaining the passwords. There would be no need for pageant.

WinSCP can minimize to tray already, so you can use it this way.

I do think it would be good if Winscp minimised on exit or close, or an option to do this could be added.

If this were enabled then to actually shut winscp you would simply hover over the minimised icon in the system tray and the exit option would show in the menu there. That would force a real close, otherwise it is simply minimised to tray.

Reason for this is that when you accidentally close winscp (which I always seem to do by mistake when I have no sessions open and am simply trying to close just the session manager). Then Winscp will still be running ready for the next session and you will not have type the master password again and again.

I have several bits of useful software that operate in this fashion, iconoid is one that minimises to the systray when the close button is pressed.

Reasons being, that it is annoying to type the master password multiple times in a day. I am also paranoid about security is that my clients have been hacked by keyloggers and have had four website defaced due to passwords being stolen. Master password is no defence against a key logger and typing the master password several times a day clearly exposes you to more danger. Also, typing it in so many times means that you are susceptible to over-the-shoulder stealing of your password. One of my clients tried to guess my password the other day after I had typed it in for the fifth or sixth time.

By the way I appreciate the huge amount of work that has gone into beta 5.

Still think this is a good idea. I have some open/source software called Cinta Notes. It works in the same way. If you click the window close button then it simply shuts the current window but Cinta notes is still available from the system tray.

If this change were applied to WinSCP whenever you close WinSCP it would merely retreat to the system tray as it does now when you minimise it.

To close WinSCP permanently you would have to right click on the icon in the systray and select 'exit'

This would mean you would only type the master password once the very first time you started WinSCP and you would not need to do so again whilst the machine remains switched on and you stay logged in.