[Qgis-user] obscurate DB password from .qgs project
Etienne Tourigny
etourigny.dev at gmail.com
Fri Nov 16 11:00:45 PST 2012
I'm also not sure how it could be reliably encrypted, given that it
would have to be decrypted at run-time and the algorithm (and salt,
presumably) would be open-source.
The other way to do it would be to add a user-defined "master"
passphrase (entered at run-time) to unlock all of the encrypted
passwords, assuming there are many. Exactly like Thunderbird/Firefox's
Master Password.
Etienne
On Fri, Nov 16, 2012 at 4:43 PM, Jürgen E. <jef at norbit.de> wrote:
> Hi Giovanni,
>
> On Fri, 16. Nov 2012 at 17:17:28 +0100, G. Allegri wrote:
>> I've never considered that DB layers passwords are stored in clear inside
>> a .qgs project.
>> I suggest to consider encryption, because it can be very harmful...
>
> You get a big fat warning, when you decide to save the password. If you don't
> save the password (or username), QGIS will ask for credentials when necessary.
>
> JÃrgen
>
> --
> Jürgen E. Fischer norBIT GmbH Tel. +49-4931-918175-31
> Dipl.-Inf. (FH) Rheinstraße 13 Fax. +49-4931-918175-50
> Software Engineer D-26506 Norden http://www.norbit.de
> committ(ed|ing) to Quantum GIS IRC: jef on FreeNode
>
> --
> norBIT Gesellschaft fuer Unternehmensberatung und Informationssysteme mbH
> Rheinstrasse 13, 26506 Norden
> GF: Jelto Buurman, HR: Amtsgericht Emden, HRB 5502
>
> _______________________________________________
> Qgis-user mailing list
> Qgis-user at lists.osgeo.org
> http://lists.osgeo.org/mailman/listinfo/qgis-user
More information about the Qgis-user
mailing list