What is the detailed difference between FTP and SFTP?
Profile photo for Biplab Kumar Roy
Biplab Kumar Roy
Senior Cyber Security Engineer · 7y ·

FTP and SFTP are two different file transfer protocols and the major difference between the two is the security associated with the file transfer.

FTP - File Transfer Protocol (FTP) is the commonly used protocol for exchanging files over the Internet. FTP uses the Internet's TCP/IP protocols to enable data transfer. FTP uses a client-server architecture, often secured with SSL/TLS. FTP promotes sharing of files via remote computers with reliable and efficient data transfer.

TCP/IP networks such as the internet use FTP or File Transfer Protocol to transfer files from one computer to another. FTP works on a server and client based architecture, meaning that the client can access any information on the server at any given time. Some servers are password protected so that one can only access the information after entering an ID and password.

Downloading mp3 music off or free software off the internet are two common examples of FTP, where the client does not need any ID or password for accessing and downloading the information. On the other hand accessing your email is an example of SFTP where you will need ID and password to access the information on the server.

FTP uses two separate channels for data and control both of which are unencrypted, this means that the information from either of the channel can be intercepted and accessed. Using unencrypted channel is a huge security loop hole and led to design of more secure mode of communication such as FTPS and SFTP.

SFTP- SSH File Transfer Protocol (SFTP) is a part of the SSH protocol suite. Sometimes also called the Secure File Transfer Protocol, it provides implements secure file transfers over SSH. It supports the full security and authentication functionality of the SSH protocol, including SSH keys.

SSH is a secure way of providing access to all the shell accounts on remote server. The information communicated using SFTP is first divided into small packets and unlike FTP, SFTP uses only one channel for data and control. Before sharing the information between two computers SFTP verifies the identity of client and once a secured connection is established it sends the encrypted information (the encryption cypher is predefined).

90.5K views ·
View upvotes
 ·
View 1 share
 · Answer requested by
Deepesh Kumar
1 of 7 answers
View 6 other answers to this question
About · Careers · Privacy · Terms · Contact · Languages · Your Ad Choices · Press ·
© Quora, Inc. 2025