[Qgis-psc] Grant report: Authentication system revision (v1.1)

Wed Feb 12 12:12:24 PST 2025

Hi Nyall

Wow, these are really great improvements! Thanks to you and Ale for taking
care of this!

Regards

Tim

On Fri, Feb 7, 2025 at 4:56 AM Nyall Dawson via QGIS-PSC <
qgis-psc at lists.osgeo.org> wrote:

> PSC,
>
> I'm writing to provide an update on the grant for QEP 289 --
> Authentication system revision (v1.1)
>
> This work is now complete. After in-depth review and discussions
> between Alessandro Passotti and myself, and in-depth peer-reviews of
> the submitted changesets, the entirety of the proposal from
> https://github.com/qgis/QGIS-Enhancement-Proposals/issues/278 was
> deemed acceptable and has been now been merged into QGIS for 3.42.
>
> This grant resulted in the following changes to the authentication
> framework:
> - Passwords are now automatically synchronized with the system
> keychain whenever a user changes their master password within QGIS.
> Previously, this was a manual step which the user was required to do
> themselves, and failure to do this step would result in an unreadable
> authentication store. (see https://github.com/qgis/QGIS/pull/55227)
> - On systems with keychain support (i.e. Windows, Linux) we now
> automatically create a cryptographically secure random master
> authentication password and store it in the keychain for all new user
> profiles. This means that an out-of-the-box new QGIS install will
> immediately have a usable authentication store ready to go, with no
> manual user setup required. (see
> https://github.com/qgis/QGIS/pull/55144). Note that this is not
> functional on Mac OS builds due to lack of notarization (see
> https://github.com/qgis/QGIS/issues/46175), Note that this logic can
> be disabled for enterprise installs via settings ini configuration.
> - When a QGIS user opts to change their master password and they are
> using the default randomly generated keychain password, we no longer
> prompt them for the existing password. This makes password change
> operations more user-friendly, as the user will not know what this
> random password was (unless they are knowledgeable enough to retrieve
> it from the system keychain!). See
> https://github.com/qgis/QGIS/pull/55228)
>
> There was also an additional work item completed as part of this grant
> which was not in the original proposal -- a round of UI tweaks were
> made around password handling, including:
>
> - Avoiding use of hardcoded English strings for the password
> wallet/keychain
> - We don't confusingly offer to backup the authentication database if
> non-sqlite storage in use
> - We now require the new password to be confirmed in the Reset
> Password dialog, so that users who make a typo in the new password
> aren't permanently locked out of the db!
> (see https://github.com/qgis/QGIS/pull/60441)
>
> Overall, this grant has resulted in a better out-of-the-box experience
> for both users and QGIS plugin developers who require secure storage
> of credentials within QGIS.
>
> Thanks again for the opportunity to work on this!
> Nyall
> _______________________________________________
> QGIS-PSC mailing list
> QGIS-PSC at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/qgis-psc
>

-- 

Tim Sutton

*Kartoza Cofounder*Tim is a member of the QGIS Project Steering Committee

*T *: +27(0) 87 809 2702          *E *: tim at kartoza.com          *W* :
kartoza.com

*This email and any attachments are confidential and intended solely for
the use of the individual or entity to whom they are addressed. If you *
*have received this email in error, please notify the sender immediately
and delete it from your system. Unauthorised use, disclosure, or copying*
*of the contents is prohibited.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/qgis-psc/attachments/20250212/5acd6f29/attachment-0001.htm>