A word of warning

Like with any security or cryptographic product, there are a number of concerns that should be addressed. To use WinSCP securely, you should understand how the program works and the concepts involved. Improper usage is often insecure usage, so please be sure to read the manual completely.

Host Security

The security of the computer running WinSCP is a serious concern. Trojan Horse and Backdoor programs can steal authentication credentials such as passwords and private keys that have been stored or entered on the computer. Public computers often have session monitoring software - including key loggers - or other malicious software.

WinSCP can support SSH "keyboard-interactive" authentication methods if offered by the server. With keyboard-interactive authentication, the server can prompt for special credentials such as a S/Key one-time password or RSA SecurID generated value. These "disposable" credentials are preferable if you must use a public computer. Contact your system administrator to find out if any form of one-time authentication is offered.

Stored Credentials

WinSCP supports storing passwords with saved sessions. This is provided as a convenience, and is not recommended, unless protected by master password. If you need to be able to log in without reentering your credentials, the recommended method with SSH is to use public key authentication and protect your private key with a pass phrase. The SSH Key Agent provided by PuTTY, Pageant, can store the decrypted key in memory, allowing you to enter your credentials once and continue using them until you close down the agent or log off of Windows entirely.

Saved passwords, unless protected by master password, are stored in a manner that they can easily be recovered. It is not possible to securely encrypt passwords in a way that still allows for automatic use. Do not use the save password feature if you are not absolutely sure of the physical and electronic security of the system on which you are storing passwords.

Password storing can be restricted by system administrator.