WinSCP is an open-source FTP, SFTP, Amazon S3, WebDAV and SCP client to Microsoft Windows. It is free of cost. Its prime function is to conduct secure file transfer between remote and local computer. Other than this, offers a basic file manager as well as file synchronization functionality. For the purpose of secure transfers, it uses SSH and supports SCP protocol in addition to the SFTP.
WinSCP is basically based on implementation of SSH protocol from PuTTY as well as FTP protocol from Firezilla.
It is available as a plugin for the Altap Salamander file manager. A third-party plugin exists for FAR file manager.
WinSCP can be downloaded as standalone Portable executables. These executables which are in the Portable executables package are very identical to the executables in the Installation package. The difference between them is that the installer is what pre-configures executables for the purpose of overriding their default portable behavior.
While installer is for general use only, portable executables are meant for more specific needs as well as advanced users.
WinSCP stores temporary data on the file system of host computer, with the default configuration. WinSCP can be configured to be fully portable though, that is, to make it store all of its files as well as configuration in one place – for instance, a portable USB drive.
The SSH protocol has an ability to forward any arbitrary network connections over the encrypted SSH connection. WinSCP can utilize the ability to enable you to connect to a server which (Server B) cannot be directly reached from the working station, but it can be accessed indirectly from a different station (Server A) which can be reached. It does this by opening SSH connection to Server A, requesting it to open forwarded connection to Section B.
Only SCP and SFTP supports forwarded connection. Whereas, forwarded connection is not supported for S3 , FTP, and WebDAV.
WinSCP can also open a local listening port on the working station, which works as a tunnel Server B through Server A. This can be utilized by another TCP/IP application to get to Server B.
WinSCP is also capable of protecting stored passwords by strong AES cipher. To protect sensitive information, as master password must be set. If a master password is not set, then stored passwords can be very easily decrypted by any malicious softwares which infiltrate your computer.
If a master password has been set, every new instance of WinSCP will request you to enter your master password for the first time it needs to access any protected passwords or for protecting a new password.
You can remove or change the master password later again if you would like to do that. If the master password is removed, then the other passwords will not be protected anymore.
There is no way to recover the master password if you forget it, and you also cannot recover the protected passwords.
What you can do at this point is, you can reset WinSCP back to its unprotected state. So, you lose all protected passwords.