This may sound a little sarcastic but unless you're building and maintaining a government, military or banking site with classified or sensitive information in database storage or you're managing your entire e-commerce process (start to finish, as in you're your own payment processor and receiver) all on your own servers, what exactly do you need that kind of security for? It seems that pretty much the rest of the Internet is doing alright without it... or private keys, like CSS and HTML5 would be the rule and not the exception.

I don't get it. I use 24 character cryptic passwords, and have NEVER had a site hacked.

I don't feel so bad now. For a little while there, I though I was a total idiot and a smart@$$ all rolled into one.

See, I've built a few dozen sites, and several for businesses. For the ones that needed it I have locked down file access, and as I said, I've NEVER had a site hacked, not through password server access. There was once that an entire server system was compromised, but it was a matter of anyone accessing sites or files on the server. They somehow got into the hosting company's server and basically formatted it. It was only one of more than a hundred at the facility, and it was nothing more than an inconvenience for me as I just reloaded my site on that server. three minutes and I was back up. Not a cent of revenue lost that I could ever trace, because it happened overnight and was back up before 8 am.

Obviously the O.P.'s experience has been very different.

Comparing Dreamweaver, a web design client with FTP cpapbilities... to Putty, strictly a telnet client, WinSCP, strictly an FTP client, and Filezilla, strictly an FTP client, seems an exercise in futility. It's like comapring Notepad to Flash Professional. Sure you can wirte Actionscript in both, but the similarities end there.

I've been here nine years, under a work account until 2009 and on my own since. I've been in the Dreamweaver forum since 2007.

I agree with John that this is the first time I've ever seen this come up.

It may be the shape of things to come, but to me it just seems like overkill right now.

Donkzi11a wrote:

 

 

What happened to Sony can never happen to my business. My customer data is safe. Is yours?

Sony and Amazon are FAR FAR FAR more subject to being hacked than anything I've built to this date, mostly because my clients aren't uderselling everyone on earth and becuase they don't intentionally tick their customers off with stupid stuff like rootkits in their CDs or firmware flashes in DVDs.

So I feel pretty safe in saying the same. Haven't lost any customer data with 800cart, 2Pay, or PayPal (who I don't use anymore but did briefly back in 2004) in six  and a half years.

Hi

Sorry to hear about the problems with the DW ftp client, but as Nancy said the only option is to file a feature request, have you done so?

On the security issue, even using encrypted private/public key pairs are no guarantee, but they are more secure than the general user-name/password, (even hashed). Hackers are not interested in if a site is secure or the type of site, for most it is just a question of; "can I hack this site", (and the process is now fully automated, so forget about someone sitting there entering the data).

PZ

Hi

The trouble is, is that if you do not ask it will not be implemented.

Many of us have been asking for new server behaviours such as PHP:PDO and stored procedures, but the simple fact is that not enough people are asking to make it worthwhile. When the function(s) are available via other products, it does not make economic sense to implement it for a small minority of users.

So saying, "I do not have the time" simply means that it is unlikely to ever be implemented. But I can see your point of view .

PZ

Programs like coda, and netbeans ( netbeans is free ) have this feature. We switched over to Amazon EC2 a while ago and believe for security private/public keys are the only way to go.

We have over 30k customers on our site and process thousands of orders a month, I would not trust my sites or my customers security with just an encrypted password. If you have not been hacked I can see your point that it is not needed, but I HAVE been hacked using an encrypted password on a dedicated server and would trust nothing less that key pairs to protect my asset. I own dreamweaver to make easy changes to layout files and some minor php editing and I am a professional that wants the tools to keep my site secure and get my work done.

All that being said we are not talking about rewriting the whole framework of dreamweaver but a simple patch or an addon module.

So all you that say you are protected and your data is protected, I hate to tell you nothing is safe and if you are not up on your security ( as it changes every day ) I wish you the best of luck. As for me I would rather use trusted modern security over luck!

Adobe if your listening this is a needed feature.

nice thread.. txs