ETP Client Security

If you are experiencing problems with "Everything", post here for assistance.
Post Reply
dan_pub
Posts: 19
Joined: Sun Nov 08, 2009 9:14 am

ETP Client Security

Post by dan_pub »

My first question is about security for the ETP client.

In my home network I have a desktop, and a laptop that I often use from the terrace, or from bed. I use Everything to access and sync files on the other computer. Both machines have the ETP server activated, with a username and password.
So when on one machine I want to access the other one (usually to verify most recent version of a file), in my current Everything window i click tools/connect to ETP server, OK.
In that window the username is in clear, and the password is is hidden if I type it. All as it should be.
BUT! Everything remember the username, but doesn't remember the password.
So, if I don't want to re-type the password every time, my only option is to put it in the username (like this: myusername:mypassword).
Then the problem is that when I connect to the other computer, the password is displayed visible. If other people people are present, it is not so appropriate.
Would it be possible to have a tick box next to the password, "remember password" ?
_ _ _

A suggestion: when a search window is connected to an ETP server, the indication "path servername" is in the bottom-right status bar.
It is very unobtrusive, and easy to forget when working on a sync problem. Am I alone in often ending up not realizing what computer I am working on and blundering away? I'd plead for a more visible reminder, maybe in inverted colors boldtype, or such.
_ _ _

My second question is about security in the everything.ini file.
The password for the server is stored in clear text, which is not a great practice.
(And so is the history of last 3 usernames logged, which in my case of using usern:password is bad too)
Could they be encrypted in the ini?

Thanks
dan --- using 1.4.877 on win 7 desktop and win10 laptop
void
Developer
Posts: 16748
Joined: Fri Oct 16, 2009 11:31 pm

Re: ETP Client Security

Post by void »

Moved from ETP/FTP Server Help
Everything remember the username, but doesn't remember the password.
Instead of using Tools -> Connect to ETP server, please try creating a shortcut to launch Everything and connect to your ETP server:

Everything.exe -connect username:password@host:port

-connect


A suggestion: when a search window is connected to an ETP server, the indication "path servername" is in the bottom-right status bar.
It is very unobtrusive, and easy to forget when working on a sync problem.
The status bar text color can be customized under Tools -> Options -> Fonts and colors in Everything 1.5

Please consider the Everything Server to add the other PC to your index.


The password for the server is stored in clear text, which is not a great practice.
(And so is the history of last 3 usernames logged, which in my case of using usern:password is bad too)
Could they be encrypted in the ini?
I have on my TODO list to use base64.

Thank you for the suggestion.
dan_pub
Posts: 19
Joined: Sun Nov 08, 2009 9:14 am

Re: ETP Client Security

Post by dan_pub »

Thanks for your reply.

I created the shortcut Everything.exe -connect username:password@host:port and it works as expected.
It will solve my problem next time people are present.

Thanks also for the other suggestions, bur I'll wait until 1.5 is out of alpha before installing on those 2 machines.
Post Reply