Geert Jan de Groot wrote:
TELNET and FTP are not the most suitable protocols anymore for today's hostile environment that is the Internet.
That's simply wrong. The purpose of the TELNET is (rfc854): The purpose of the TELNET Protocol is to provide a fairly general, bi-directional, eight-bit byte oriented communications facility. Its primary goal is to allow a standard method of interfacing terminal devices and terminal-oriented processes to each other. and TELNET has nothing to do with pain text passwords. Requiring username and plain text password is a feature of UNIX login command and you may use something else such as one time password. Moreover, even today, many use TELNET to connect to SMTP servers, where there is no such things as username or password. As for FTP, like http(s), it is used mostly without user names. Though ftp: URL allows user name and password, same is true for http(s): until deprecated just recently by rfc9110 (or, even after that): The URI generic syntax for authority also includes a userinfo subcomponent ([URI], Section 3.2.1) for including user authentication information in the URI. In that subcomponent, the use of the format "user:password" is deprecated. Some implementations make use of the userinfo component for internal configuration of authentication information, such as within command invocation options, configuration files, or bookmark lists, even though such usage might expose a user identifier or password. Masataka Ohta
