Hi, yes, the password encryption is not very strong nor has it ever been advertised as being strong. It's exactly the same password encryption that has been there since V1. It simply stops the passwords being clear text.
The problem with encrypting the passwords is that we must use a key, and that key must go in the EXE, so it's always going to be visible no matter what we do. We could ask the user for a key, but of course that needs to be stored somewhere, and that also needs to be encrypted, so back to square one. This means it makes no difference at all how strong the encryption is because you can get the key to decrypt it.
We can't ask the user for the key every time they run the program, but we can (and do) give the option of being prompted for a password, e.g. for FTP, so in that case no password is stored at all. That's obviously not practical for many people and it's viable in some cases, e.g. cloud.
You can of course secure access to your profile settings files, so if that directory itself is secure (using NTFS security) then nobody but you should have access to those files anyway and so cannot get to the encrypted password to begin with.
We've already put some thought into how to improve the encryption, but it all comes down to the fact that it is simply impossible to securely encrypt anything when the key can be found by anyone determined enough. The only real option I can think of is letting the user decide on the key themselves and having it stored on some (physically) secure device. That is something we'll look at.
Thanks
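The two storage modes the post contrasts, a key shipped inside the program versus a key the user supplies at run time that is never written to disk, as an added example that is not from the original post or the product it discusses. It goes slightly beyond the post in deriving the run-time key from a typed passphrase with PBKDF2; the cipher is a stdlib-only HMAC counter-mode construction for the demo, and APP_KEY and every other name here is constructed, not the product's.

```python
import hashlib
import hmac
import secrets

# Stands in for the key compiled into the EXE: anyone who has the program has it.
APP_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # constructed value

def _keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode: a stdlib-only stream cipher for the demo."""
    out = b""
    for counter in range(0, length, 32):
        out += hmac.new(key, b"ks" + nonce + counter.to_bytes(4, "big"), "sha256").digest()
    return out[:length]

def seal(key, plaintext):
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, b"tag" + nonce + ct, "sha256").digest()

def unseal(key, blob):
    """Plaintext, or None when the key is wrong or the blob was altered."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, b"tag" + nonce + ct, "sha256").digest(), tag):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def store_embedded(password):
    """Mode 1: the key lives in the program, so the blob is obfuscation only."""
    return seal(APP_KEY, password.encode())

def read_embedded(blob):
    """Anyone holding the program (and hence APP_KEY) can do this."""
    pt = unseal(APP_KEY, blob)
    return None if pt is None else pt.decode()

def _user_key(passphrase, salt):
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 200_000)

def store_prompted(password, passphrase):
    """Mode 2: key derived from what the user types; only a random salt is written."""
    salt = secrets.token_bytes(16)
    return salt + seal(_user_key(passphrase, salt), password.encode())

def read_prompted(blob, passphrase):
    """Without the passphrase (which is never stored) the blob stays sealed."""
    pt = unseal(_user_key(passphrase, blob[:16]), blob[16:])
    return None if pt is None else pt.decode()
```

read_embedded succeeds for anyone who has APP_KEY, which is exactly the post's point about key strength not mattering; read_prompted returns None without the passphrase, and in both modes the blob is only as reachable as the profile directory's permissions allow.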