Robo-FTP Server

Frequently Asked Questions

The FAQ list is a great starting point for basic questions about what you can do with Robo-FTP.

Orange_arrowOrange_arrow Browse the FAQ list now

Getting Started

Browse these tutorials and sample scripts to get up and running with Robo-FTP in minutes.

Orange_arrowOrange_arrow Browse tutorials and samples now

Contact Technical Support

If you can't find the answers you need online, get in touch with our Technical Support staff.

Orange_arrowOrange_arrow Contact Technical Support now

Professional Services

Need more than basic technical support? Our Professional Services team can help you deploy a complete solution.

Orange_arrowOrange_arrow Contact Professional Services now

Enter search queries below or use the tag links to the right to browse the knowledge base by category (Show All Tags).

How Robo-FTP encrypts and stores passwords (Robo-FTP 3.10.x and later)

By default Robo-FTP stores passwords and passphrases encrypted using Microsoft DPAPI.

DPAPI has two modes: user based encryption and system based encryption. We use a secret key in the encryption so that only our software knows everything necessary to decrypt the passwords, but when using system encryption anyone who gains access to the system can use the password. For example, users who gain access to the system will be able to run Robo-FTP scripts that use those encrypted passwords. However, they will not be able to view or export encrypted passwords through our software unless they have write access to the configuration store it is from (either the system-wide store or the current user store).

You can control which store you are writing the password to by selecting Current User or System when you start the Configurator. If the Configurator does not present this option when you start it, this means you have write access to the system wide configuration store without having to elevate privileges. See the permissions on the directory %installdir + "\ProgramData".

ex: "C:\Program Files (x86)\Robo-FTP 3.10\ProgramData"

If you wish to limit access to the configuration data to one user account, then disable (uncheck) "Use Administrator Decryptable password storage for users" in the Settings page of Configurator and select Current User when starting the Configurator. Doing so will use current user encryption under DPAPI, requiring compromising the specific user to gain access to those passwords and passphrases.

Warning: If you change the user's password from an administrative account instead of having the user do it themselves you will no longer be able to decrypt that user's passwords and passphrases.

Article last updated: 2016-10-31

Tags: Robo-FTP, Configuration, passwords, Encryption

Home | Solutions | Professional Services | Technical Support | Download | Company | Contact Us | Partners | Site Map | Terms of Service | Privacy Policy | Buy Now