Where are the ftp passwords stored?

Somebody broke into my computer it seems and stole the ftp passwords from Opus. No, I didn't have global password set ;-(

I want to find out exactly what happened, so please can you tell me where are the passwords stored in the first place, so to know how he could got this info. I got a trojan few days back and I have reverted my machine to before that so all the evidence is gone, but is there any known trojan who knows how to look for opus passwords in FTP? I thought opus is a kind of... for us geeks not for masses :wink:

If the global password was not set then someone who had control of your PC could have got the passwords directly from the FTP Address Book UI, without accessing the config files directly.

Whether the global password is set or not, any saved passwords can be found in /dopusdata/ftp.oxc and also in any Layouts, Styles or Folder Tab groups that were saved with logged-in FTP sites.

The passwords in those config files are obfuscated, but they would not be difficult to work out for someone who had the files, since Opus has to be able to work them out in order to send them without any other secret data.

I think the access was not direct, but with a script who got the ftp.ooxc. I guess such trojans exist...

The trojan would not necessarily need to be dopus aware. There have been attacks that would search for files in the appdata that contain user credentials, in this case they would only need to look for a file that contains 'user' and 'pass'.

Would be nice if we could have a master password that was used as an encryption key for storing the FTP credentials.

That's not a bad idea, although tools like 1Password and Keepass let you do that and work with everything, not just Opus.

We've made the password dialogs so they're easy to use with password managers (e.g. they should always include details of the site in their window titles, so the tools can auto-type the right password into Opus).

That's good to know. I use LastPass might check out 1Password and Keepass.

50% off 1Password deal currently available, btw.