You should try the winscp client I linked to above. It has drag and drop capability, and you can even edit the files on your server through this client.
And SFTP does not send username/password in plain text.
FTP: File Transfer Protocol
SFTP: Secure Fire Tansfer Protocol