FTP is a security nightmare, and no one should ever use it if the server is on the internet.

Why isn’t it secure you ask?  When people go to Facebook, Amazon, eBay, etc., they are safe because the data that is transferred is encrypted.  So if someone is snooping on the network (like at a coffee shop) they won’t see every letter you are typing being transferred.

FTP on the other hand has no encryption.  So if I am at a coffee shop and snooping on the network, I would get the password of someone if they login using FTP.  When you are on the internet though, everything is snoop-able (sp?).  So if you are at home, and I FTP into my web server, the username/password transfers through at least 10 networks before it finally hits the server.  Someone could be spooping at any point.

There are great options like FTPS (s = secure) and SSH.  I just setup “vsFTPd” on my Linux server and it is using SSL (secure socket layer).  It took less than 5 minutes.

If you are a web designer and have the option to use SSH, SFTP, FTPS, SSL, etc, use it.  Most clients now give you the option.