it looks as though my various FTP accounts have been hacked and I need to secure my passwords more carefully?
Are you sure it's the clear text of FTP and not a malware virus on your computer?
I just went through this with a client, the previous developer contracted a virus (we think) and the way it works is it steals your PW for web sites, then modifies code silently, logs in, uploads to the site to spread itself. Those without adequate AVG visit the site, the malicious Javascript installs the malware.
In this case, doesn't matter **what** you use - when you make the FTP/SFTP connection, the malware will steal your login.
But to answer the question, SFTP does exactly this, encrypts the U and P prior to sending, then on receipt the server uses the public key to make a match against the encrypted data - it doesn't decrypt it, only matches on it, to authenticate. The problem is that many shared hosting environments and other hosts make it difficult if not impossible to properly set up secure FTP.
With normal FTP, when you connect and with
every file you transfer, the user name and password are sent over the connection in clear text, and anyone who manages to sniff that data will have your login. If it's on multiple sites on different servers, it's unlikely you're a victim of this sort of attack **unless** it's your local connection that is being sniffed.
If you're using wireless, this likelihood increases quite a bit, look into methods of encrypting and securing your wireless connection. But first stop, make sure your AVG is up to date and your computer is clean.
