The FTP access method
FTP is a non-secure access method that relies on a password you establish to validate access.
This tab allows you to enable the use of File Transfer Protocol (FTP) with the upload account. Use your password with a third party FTP client application, or in each FTP-based command line call to obtain access.
FTP is NOT secure
We recommend that you avoid FTP as an access method. If you do choose to use it, it is important that you realize how “non-secure” it truly is.
- During FTP transfer, content is unencrypted as it passes over the public Internet.
- Anyone along the transfer pathway that can “sniff packets” can also see the Upload Account Id (Username) and FTP Password used for authentication. This allows that “sniffer” full access to your content, to perform any and all of the operations available to that user in NetStorage. (This includes deleting or changing content.)
NetStorage offers some additional security measures for FTP (Password Rotation, Brute Force Attack Prevention and IP and Geo Access Control Lists), but even with them activated, they don’t offer the security available with a secure Access Method, such as SFTP, SecureCopy, Aspera Upload Acceleration or the CMShell.
All of the options above are configured in an upload account you use to access a desired storage group.
How to add an FTP password
- Click the FTP tab.
- Click the "+Add FTP Password" button.
- Populate the fields as follows:
CAUTION: Take care if using the Notes field to input a "password hint." Only input information that may help in recognizing this value. (Ensure that you don't input anything that may easily give up this value.)
- FTP Password: Input a properly formatted password value.
- Confirm Password: Input the exact same value set in the FTP Password field.
- Notes (Optional): Input any password-related information you feel is relevant in this field. Potential hints for the FTP Password can be set here.
- Click the Add FTP Password button to complete the process, and reveal an entry for the new password in the FTP Authentication table.
- If desired, repeat Steps 2 - 4 to add an additional password. Repeat as necessary to add more passwords.
You should also incorporate Advanced Settings
NetStorage offers additional security for FTP. This includes Brute Force Attack Prevention and the use of Access Control Lists. We recommend that you incorporate both, and they are applied when configuring Advanced Settings for the upload account.