File Transfer Protocol (FTP)

Security+ 🏆 • Protocols 🔗 • Network Security 🌐 • Difficulty: free

Definition

FTP is a protocol used to transfer files between a client and a server. Traditional FTP sends usernames, passwords, and data in cleartext, which is why it is considered insecure on untrusted networks unless protected by a secure alternative.

Examples

A developer uploads website files to a legacy hosting server using FTP, exposing credentials if the network is monitored.
An IT team replaces FTP with SFTP for automated backups so the transfer is encrypted end to end.

Discover 🔎

FTP is one of the oldest and most widely recognized file transfer protocols. It was designed in an era when networks were smaller and trust assumptions were different. FTP still appears in legacy environments because it is simple and well-supported. However, traditional FTP has a major security weakness: it does not encrypt credentials or file contents, making it risky on modern networks.

Remember: Traditional FTP is not encrypted. If you can capture the traffic, you can often read the username, password, and files.

Open the interactive lesson Browse more topics

Tip: The interactive version includes progress tracking, decks, and premium deep dives.