38 posts
  • 4 Years of Membership
  • Australia
  • Collector Level 1
  • Envato Team
+1 more
stevehodgkiss
Envato team
says

If a third party decided to be malicious they could upload and delete files in your ftp directory, but not download. API keys also grant access to your personal account info, balance, sales data, statement etc – so you should be careful to only give them to trusted third parties.

The change we’re making on FTP is to reduce the current functionality of password or API key to API key only. We have updated our FTP software to show a more helpful error message on failed login.

67 posts
  • Trendsetter
  • 3 Years of Membership
  • Exclusive Author
  • United States
+3 more
JenniMcCarthy
says

API keys also grant access to your personal account info, balance, sales data, statement etc – so you should be careful to only give them to trusted third parties.

So are API’s less secure than using a password if they grant access to all this information?

1829 posts Time is what you desire most, but waste carelessly.
  • Author Level 9
  • Elite Author
  • Exclusive Author
  • Trendsetter
+9 more
Firsh
says

Even if API key is a bit more esily acquirable by someone with dark intetntions, the FTP is just used for uploading, there is not too much harm that could be done. But the FTP could be hammered by password brute force attacks or other things, it’s best to only use our passwords for logging in the marketplaces (wish there was ssl).

7 posts
  • 4 Years of Membership
  • Affiliate Level 2
  • Author Level 6
  • Collector Level 1
+3 more
Nesia
says

Hope this changes will bring role-life better for Envato and Marketplace network. Thanks for the info.

1 post
  • 3 Years of Membership
  • Collector Level 2
  • Exclusive Author
  • Russian Federation
ktyjix
says

Can’t connect to ftp neigher throuth password or API key, what should I do?

by
by
by
by
by
by