Thanks for your point - I have just remembered that I have recovered someone's FTP password for them from a TCPIP stream and it was fun but not difficult!

However, of notable attacks I have witnessed recently, the plain text file of Filezilla was the attack vector. Get that and away you go!