FTPS is an extension of File Transfer Protocol which uses SSL/TLS technology to encrypt data sent through the FTP connection. TLS has largely succeeded SSL, but SSL is still the more popular term used in discussion. FTPS should be used instead of FTP whenever possible.
As well as encrypting files as they travel over the internet, FTPS encrypts the initial login and password used by the client to connect to the FTP server. If any of this data is intercepted in a ‘man in the middle’ attack, it will be unreadable to the attacker.
To implement FTPS, the FTP server will need an SSL certificate installed. To complete a connection with the server, the client will need to accept the authenticity of this certificate.
Implicit and Explicit FTPS
FTPS can operate over two different modes, an explicit connection or implicit connection. In an explicit connection, the client makes an initial contact over plain FTP and then requests the server perform an SSL handshake and encrypt the connection. In an implicit connection, the client simply starts performing the handshake without preamble.
The decision of what mode to use is made by the client when he/she first connects. Both modes are usually available in FTP client programs. However, when connecting via FTPS you should prioritise the explicit connection mode, as the implicit mode is obsolete.
The difference between implicit and explicit FTPS is further detailed at this JSCAPE article.
Don’t confuse FTPS with SFTP
FTPS is often confused with SFTP. Though they are both used for the same task, SFTP is a completely different protocol which uses a SSH connection as a vehicle to transfer files. Each have pros and cons over each other and the method you use to transfer files comes down to the needs that particular scenario implies.