Index
Advanced FTP Site Settings: Security Tab

The Connection tab of the Advanced FTP Site Settings dialog contains security related options described as follows:
Password Encryption
By using password encryption the password submitted to the remote server during login process will be encrypted. The S/Key scheme utilizes One Time Password (OTP) system. TurboFTP generates and submit a temporary password based on the challenge from the server, thus ensures that your real login password will not be transmitted on the network and different temporary password will be used for login at different time.
OTP S/Key can only be used with a server that supports it. To take advantage of it, select encryption option, MD4 (S/Key) or MD5 (S/Key). By selecting Not Encrypted the login password for this site will be sent out without encryption, i.e. in plaintext.
Secure Connection
Here you find options for using SSL/TLS. You can choose of the following options:
TURBOFTP00090000.gif Standard (Not encrypted)
Standard FTP without SSL/TLS encryption (default).
TURBOFTP00090000.gif SSL Implicit Encryption
Secure FTP with implicit SSL.
TURBOFTP00090000.gif Explicit Encryption (AUTH SSL)
TURBOFTP00090000.gif Explicit Encryption (AUTH TLS)
Secure FTP with explicit SSL/TLS encryption.
In explicit encryption the FTP client needs to send an explicit command ( i.e. "AUTH SSL" or "AUTH TLS") to FTP server to initiate a secure control connection; while in implicit encryption the client establishes secure control connection upon connection with the server.
As with a normal FTP server, a port number needs to be specified for connection with a secure FTP server. If the value in the Port field is changed, the Port value in the Site Address Book for this server will be updated accordingly, and vice versa.
Use SSL/TLS client certificate
In case the secure FTP server requires authentication using a client certificate, you need to supply your own certificate, which includes a certificate file and private key file. Check the checkbox "Use SSL/TLS client certificate" and supply the key file locations. If the private key file is encrypted, supply the password as well.