Is FTP considered outdated and not secure?

Question

How old is this video on FTP ?
I've come across readings mentioning the limitations of FTP (security, reliability).
What is replacing FTP?

James Anwyl · Answer

I would say its safer to assume that at some point someone will be tapped into your network, and plan accordingly.
Whether its safe to use FTP or not depends on the context and how sensitive the data you are sending is.
If you are connecting to an FTP server from an unsecured public wifi. e.g a coffee shop. Anyone else on that network can sniff the traffic and view your data in plain text. That data can include your login credentials.
However, if you use SFTP or a similar protocol, the data you send is encrypted. Meaning even if the attacker can see the data, they will have to decrypt it first to be able to read it.
Some sources
Owasp Top 10 - Sensitive Data Exposure (https://www.owasp.org/index.php/Top_10-2017_A3-Sensitive_Data_Exposure)
Is authorisation of FTP safe... (https://security.stackexchange.com/questions/123413/is-authorisation-of-ftp-safe-against-sniffing-and-vulnerable-to-man-in-the-middl)

Matthew Boswell · Answer

In small business they tend to still use ftp, it is very unlikely that someone is tapped into their network.

James Anwyl · Answer

8 Years old according to 'Transfers' window in the video.
When you send data via FTP, it is sent unencrypted, in plain text. Meaning other people on your network may be able to see what you are sending. If you are sending sensitive information, you probably shouldn't use FTP.
SFTP (https://en.wikipedia.org/wiki/SSH_File_Transfer_Protocol) is a newer, more secure version that uses encryption.
Hope this helps :)

Welcome to the Treehouse Community

Looking to learn something new?

Natalie Tan

Natalie Tan

Is FTP considered outdated and not secure?

3 Answers

James Anwyl

James Anwyl

Matthew Boswell

Matthew Boswell

James Anwyl

James Anwyl