Invalid Authentication, Username, Or Password

The SFTP protocol has a "gotcha" that often confuses SFTP users when trying to troubleshoot authentication issues. The protocol uses integers internally to communicate authentication failure codes and does not even allow services (such as Files.com) to send detailed error messages that relate to authentication.

This is in contrast to nearly every other protocol, such as our API, FTP, web, etc., which all provide detailed messages that explain login failures.

Many SFTP client software will simply plug in a "default" message about authentication failure or invalid username/password when they experience any sort of authentication failure. We recommend using your Files.com site's History logs to determine the real reason for the failure. Filter the history logs by Action: Login Failure. You can optionally filter the log further by username or IP. This will generate a log of the detailed reasons for the login failure.

Common causes of failure include expired passwords, required password change, brute force protection, IP restrictions, 2FA restrictions, geographic restrictions, or other authentication restrictions that you've configured on your site.

If the user account has been configured to Require password change on next login then SFTP login will not succeed until the password has been changed. Ask the user to access Files.com using our web interface and have them complete the password change prior to attempting a login via SFTP.

If a user is having problems logging in using SFTP then have them attempt to log in using the Files.com web interface. If the issue persists there then this eliminates SFTP as the cause.