FTP and SFTP – what to choose?

If you work with websites, you will at some point have to transfer computer files between a client and a server on a computer network. In that case, you will come across “FTP” (File Transfer Protocol). It is still the predominant standard for file transfer, but not for any logical reason as it is not encrypted and thus insecure. It is therefore important that you consider the options when presented with an alternative. At One.com we offer SFTP (Secure File Transfer Protocol), to help you increase the security and make it harder for any hackers to access your files.

A bit of history?

FTP is a protocol to transfer files and is the first dedicated file transfer protocol to be widely used. Being published in 1971, as RFC 114 makes it a cornerstone of the internet as we know it today.
You might think to be almost 50 years old would make FTP well developed and fully secured by now, but quite the opposite in fact. Despite a few changes, it is almost the same. Many systems still rely on this legacy protocol, and it is therefore still available as a standard most places.

In 1971 files were small, and hackers were unheard of. The internet consisted of a handful of systems and was still very young. It was not until 1999 that the security issues with FTP were found, and thoroughly investigated. Most of them have now been resolved or mitigated, but some persist.
As a solution to the problems with FTP, some alternatives were proposed and developed. The already encrypted connection of an SSH connection quickly became the foundation for the new FTP protocol and was called SFTP. The first draft for SFTP was published in 2001, and it has since grown to quickly replace FTP.

The major differences

FTP is not encrypted whatsoever. This results in any person with access to the same network as you, being able to see your user-name and password when you log in. SFTP fixed this by being built on a secure subsystem of SSH. This is an image of the data being sent when logging into SFTP vs. FTP.

How would you rather have your data look?


SFTP provides a more stable connection and error handling than FTP. It allows the file sizes to be quadrupled when transferring files. At One.com the file size limit for FTP transfer is 4GB, but 16GB for SFTP. The SFTP protocol also has a bunch of smaller benefits, such as easier configuration on both ends of the connection.

So what to choose?

SFTP is, by all means, better when transferring files. The security issues alone should be the deciding factor. Use SFTP whenever possible, or risk hackers snooping on your passwords.

If you want to know how you activate SFTP on your webspace, just follow this step-by-step guide.