3 Methods to Recover FTP Password Saved in FTP Client Software

FTP client software is normally used to connect to a web server with an FTP server service running so that the webmaster can upload files to the server. There’s quite a few FTP client applications available and one of the most popular, if not the most popular, is FileZilla because it is free, open source and frequently updated. A common feature found in FTP client software is a site manager that acts like a bookmark where you save the FTP server login details to easily and quickly connect to a FTP server with a single click of a mouse button.

filezilla site manager

Once we have the FTP client software configured, most of the time we don’t even need to know the current login password unless there’s a situation where you want to use a different FTP client and need to migrate all the FTP login details to the new software. If you’ve lost the welcome email from your web host, here we show you 3 different methods to recover your FTP password that is saved in your FTP client software. Each method can help to recover your FTP password saved in your client software so it is just a matter of which one you prefer to use.

Show the password hidden behind asterisk

The technique of revealing a password that is hidden behind asterisks or bullets has been around for a very long time since the days of Windows 95. There are quite a number of free programs that belongs in this category and we’ve previously covered 6 of them. Below is an example of using BulletsPassView to reveal the hidden password from FileZilla’s Site Manager.

bulletpassview

Do take note that most of these password unmasking tool may be detected by your antivirus program as a potentially unwanted program or a hack tool but rest assured that they do not cause any problems on your computer.

Sniffing network traffic for FTP password

FTP is an old and insecure protocol that transfers the login credentials in clear text. By sniffing the network traffic packet, you can actually see all the information such as the username, password, port, FTP server address and etc that is sent by the FTP client software in the packet sniffer. For the more advanced user, you can use Wireshark which is one of the most powerful and free packet sniffing programs, or you can settle with a simple packet sniffing program that is made to capture the FTP username and password.

1. FTP & Mail Password Recovery

FTP & Mail Password Recovery is a small (14KB) and simple Java based program that creates a fake FTP or mail server and listens for incoming connection to capture the sent login information. This would mean you’d have to configure your FTP program to connect to localhost or 127.0.0.1 instead of your real FTP host.

ftp password recovery

If you’re trying to capture the user and password sent by FileZilla, you should change the encryption to “Only use plain FTP (insecure)” option instead of using the default “Use explicit FTP over TLS if available”. This option can be found in Site Manager under the General tab.

Download FTP & Mail Password Recovery


2. SniffPass

If for some reasons you are restricted from changing the FTP host to localhost, another program that can help you to recover your FTP password is by using SniffPass. An advantage in using SniffPass is you don’t need to make any changes to the settings in your FTP client application and SniffPass is able to capture your FTP password once you make a connection.

sniffpass

You can try using the Raw Sockets capture method but if that doesn’t work, you’ll need to install the WinPcap packet capture driver. Another possible problem that you might face is Firefox and Chrome blocking the download because they’ve detected SniffPass as malicious. You can easily bypass this by using Internet Explorer or Microsoft Edge browser.

Download SniffPass

3. FTP Password Sniffer

FTP Password Sniffer is created by SecurityXploded which is the home of many free password cracking tools. However, you’d have to pay extra attention when installing any of their programs because their setup installers are bundled with adware which will automatically download and install if you’re not careful. FTP Password Sniffer works in a similar way to SniffPass except it requires WinPcap drivers to work.

ftp password sniffer

To use FTP Password Sniffer, you’ll need to select the network adapter that is used to connect to the Internet. Once the correct network interface has been selected, click the Start Sniffing button and then connect to the FTP server using your FTP client software. The capture FTP login information will be displayed in the FTP Password Sniffer interface.

Download FTP Password Sniffer

Decrypt Saved FTP Password

The saved FTP login details in your FTP client software is stored somewhere on the computer, either as an external file or in the Windows registry. The details can be either encrypted or in clear text depending on the developer of the FTP client software. As an example, the older versions of FileZilla save the FTP site details in a file called sitemanager.xml as clear text but the recent version encodes the password with base64 encryption.

There is some FTP password recovery software that can scan the whole computer for known locations of the saved FTP password but most of them are shareware. One of the very few freeware tools that can instantly decrypt the login information of supported FTP clients is FTP Password Decryptor created by SecurityXploded. Do take note that FTP Password Decryptor setup installer automatically downloads adware and wrongly clicking the Agree button will install the unnecessary program into your computer.

ftp password decryptor

FTP Password Decryptor only supports FileZilla, SmartFTP, FlashFXP, FTPCommander, Dreamweaver and WS_FTP. We’ve briefly tested with the latest version of FileZilla and it did not find the login information that is stored in the sitemanager.xml file. From their documentation, it seems that their program will only parse the file recentservers.xml. Do take note that this recovery method is also not effective against portable FTP client software that is stored in non default locations.

Download FTP Password Decryptor


We discovered that SmartFTP, a shareware FTP client comes with an independent password recovery tool supporting 14 different types of FTP client software which are Core FTP, CuteFTP, Cyberduck, FFFTP, FileZilla, FireFTP, FlashFXP, FTPRush, FTP Voyager, FTP EXpert, PuTTY, Total Commander, WinSCP and WS_FTP. Unlike SmartFTP, the password recovery tool is actually free and portable which can be found in the program’s directory as the filename PasswordRecovery.exe after installation.

smartftp password recovery

Do take note that although the SmartFTP password recovery tool is portable, it has some dependencies like msvcp140.dll, vcruntime140.dll, mfc140u.dll, etc. You can use third party tools such as Dependency Walker to scan for the required files and make sure that they are stored at the same location as the password recovery tool.

Download SmartFTP

Recover and Decrypt FileZilla FTP Client Password

As we’ve mentioned earlier, FileZilla’s password is now encoded with Base64 format which is slightly better than saving the credentials as clear text in a XML file. Decoding Base64 format is not difficult at all because all you need to do is copy the encoded password from the XML file and paste it to a web based Base64 decoder to reveal the password.

The standard FileZilla installation normally installs the program in Program Files while the configuration are stored in the user’s AppData folder. To avoid any confusion, an easier solution is to run FileZilla, go to File on the menu bar and select Export. Tick the “Export Site Manager entries” checkbox, click OK and save the XML file to a recognizable location such as Desktop.

export filezilla setings

Open the exported XML File and look for the line that has <Pass encoding="base64">.

copy base64 encoding

Visit this website https://www.base64decode.org/, paste the encoded password to the first top box and click the DECODE button. In just a second, the decoded password will be shown at the box below.

filezilla password decoded

You might also like:

12 Comments - Write a Comment

  1. Mike Geek 5 months ago
  2. Swarup 5 years ago
  3. Autoform 5 years ago
  4. IT support UK 5 years ago
  5. Frank 5 years ago
  6. pceasies 5 years ago
  7. Frank 5 years ago
  8. Mostafa 5 years ago
  9. Zapped Sparky 5 years ago
  10. Sameer Manas 5 years ago
  11. Saurabh Mukhekar 5 years ago
  12. a 5 years ago

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Your comment is subject to approval. Read our Terms of Use. If you are seeking additional information on this article, please ask in our forum or contact us directly.