Who can actually see the password when I accidentally used ftp instead of sftp?

Question

It has been said that if we accidentally use ftp instead of sftp, people can actually see the login name and password in pure text form, and it is very bad.

But who can actually see it? Will it be operators at large firms only? Can any hobbyist at home with a broadband modem be able to see it?

I think I used ftp accidentally a few times instead of sftp over the past few years and there wasn't any security issue, until recently when I did it 2 months ago and then a couple of weeks ago, somebody seems to have logged into my DreamHost web panel and transferred my domain name to another registrar and then a week or two later, transfer again and tried to sell the domain name.

Answer 1

Traffic should be sniffed to get such thing. So the answer is

• Someone in your local network
• Local ISP
• Hosting provider

However FTP can use TLS authentication which sends the login data encrypted.

It is better to contact hosting provider and place you bought the domain and inform the issue.

Answer 2

When you send unencrypted information on the internet anyone with access to the telecommunications lines or the networking equipment that sits on them can potentially read the traffic. That means the internet service providers which the traffic goes over, the telecommunications companies who supply the lines, and the governments who can compel (or pay) these companies to give them this data.

Additionally anyone with administrative access to the web server and the network it's on could also access the data. This would include hackers who have penetrated the systems.

The rest of the world at large has no ability to intercept the traffic. Someone on a DSL line isn't going to be able to see it for example.