FileZilla integrates master password support

Martin Brinkmann
May 26, 2017

The developers of the FTP client program FileZilla have integrated support for a master password protection in the FTP software.

FileZilla is a popular FTP client that you may use to access FTP servers that are in a private network or on the Internet.

While you can use modern web browsers for that as well, they don't offer the comfort options that dedicated programs like FileZilla bring to the table. That may be okay for a quick download from an FTP server, but if you need to upload or edit files for instance, you cannot make use of web browsers for that (unless you install browser extensions that add support for that).

FileZilla allows you to connect to FTP servers using temporary data, or by adding FTP server data to the program. The latter is useful if you happen to connect to a server regularly, as you don't have to enter server address, username, password and maybe port each time you need to connect to it.

FileZilla Master Password

filezilla master password

FileZilla stores information about sites that you add to the program in the file sitemanager.xml by default. It is a plain text file that anyone with access can open to list the configured sites. Passwords are encoded using base64 encoding, but are easily decoded using online services such as Base64 Decoded.

This changes with the upcoming release of FileZilla 3.26.0 (available as a Release Candidate currently), as it adds a master password option to the FTP program.

You can set up a master password to protect all saved passwords of FileZilla in the following way:

  1. Make sure you have FileZilla 3.26.0 or higher installed on your system.
  2. Open FileZilla.
  3. Select Edit > Settings.
  4. Switch to the Interface page.
  5. There you find the passwords section. The default is set to save passwords.
  6. Select "save passwords protected by a master password" from the list, and enter the desired password. It needs to have at least eight characters.
  7. Select OK to save the change.

Note that all passwords are protected by the master password from that moment on.

password protected

FileZilla prompts you for the master password when you connect to the first saved site. You are asked to enter it in the prompt, and may select the "remember option" so that you are not prompted again during the same session.

filezilla enter master password

If you don't want that, remove the checkmark from the option before you click on ok.

Closing words

Adding a master password improves the security of saved FTP sites significantly. You do need to make sure however to remember the password, as you will lose access to all sites if you cannot enter it correctly anymore when prompted for it.

FileZilla integrates master password support
Article Name
FileZilla integrates master password support
The developers of the FTP client program FileZilla have integrated support for a master password protection in the FTP software.
Ghacks Technology News

Tutorials & Tips

Previous Post: «
Next Post: «


  1. Sans Serrif said on March 5, 2018 at 2:16 pm

    Unfortunately this is not the default for Linux, so we’re still struggling with an unsecure FileZilla. What a drag.

  2. George said on May 28, 2017 at 10:38 am

    What’s wrong with WinSCP? In the FileZilla Secure website they mention: “So despite loving FileZilla I switched to WinSCP which has master password support. It was slow and the interface was horrible but what could I do?”

    Not really the most elegant of descriptions but anyway, never had “slowness” or any type of issues with it.

  3. Ed said on May 27, 2017 at 7:21 pm

    Good point. Have been using Filezilla Secure and expect it will now be less relevant.

  4. Jon said on May 27, 2017 at 5:20 pm

    If it wasn’t for the Filezilla Secure fork last year this never would have happened.

  5. Ray said on May 26, 2017 at 6:23 pm


  6. Ed said on May 26, 2017 at 3:32 pm

    No sh*tski. Took forever.

  7. G Mariani said on May 26, 2017 at 2:59 pm

    holy crap about time

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.