cancel
Showing results for 
Search instead for 
Did you mean: 

SFTP - Password vs Key Authentication

itabhishek9
Participant
0 Kudos

Hi SDNites,

I am using Password based authentication for SFTP adapter but would like to know if it is less secure than Key based authentication. Also please let me know if the data, user and password all are encrypted in both the approaches or not.

Regards,

Abhi

Accepted Solutions (0)

Answers (3)

Answers (3)

vadimklimov
Active Contributor
0 Kudos

Hello Abnishek,

SFTP supports not only password or certificate based authentication, but the combination of them (dual authentication) - when both password and certificate are used during authentication procedure. Thus, if you are concerned about secure authentication, I would suggest using dual authentication method rather than selecting between password or certificate. I would grade existing supported authentication mechanisms for SFTP adapter as following:

1. (least secure) Password. As mentioned by others earlier, passwords can be hijacked or hacked (especially if there are no password restriction and strong password generation rules in place);

2. Certificate;

3. (most secure) Password and certificate (dual).

Regards,

Vadim

KarthikBangeraM
Active Participant
0 Kudos

Hi Abhi,

Password protection is vulnerable to phishing attacks, there are chances that anyone can hack into your data or see what you are transmitting to your third party.

Certificates on the other enable use of asymmetric key exchange method between 2 communication parties using the private key and certificate pair. Your data will be nothing more than a jumbled bit of information for anyone who tries to hack through

Hope this explains!

Regards,

Karthik

former_member186851
Active Contributor
0 Kudos

Hello Abhishek,

Both are secured.

But in layman terms without considering PI,Passwords authentication is a bit little safer because passwords can be cracked,Whereas Keys cant be.

And coming to encryption you should encryption part,Keys or passwords doen't play any role here.