Password protect your password in QGIS

Feb 5, 2018 | QGIS

There are a number of things I just “do” in QGIS these days and don’t think twice about them. Work is picking up on the FOSS4G side of life and I find myself more going “Well yeah you just do X and then you have Y – I thought people knew that.”

Today turned into a discussion on the Authentication manager. So what is it and why should you care? This will be a 2 parter.

If you’ve used postgis with QGIS  – you’ve seen this part of a menu pop up at some point.

You can supply a username and a password and connect to things. My “thing” is currently PostGIS/PostgreSQL and I use this a lot. The bad part is my credentials are stored in plain text. All I need to do is pop open the QGIS file or a qlr file with a text editor and my credentials are sitting there for the world. If you were to click on the red box labeled configurations (as pictured above) you get a different menu.

Click add and set a password you will remember:

and here we are:

 

 

 

 

 

 

 

You provide a Name and in my case I name it for what I’m going to be doing: “PostGIS” and then my postgres/postgis credentials. You can let it generate an ID or set one yourself. When you save it it creates a spatialite database in your .qgis2 directory. From here going forward you’re going to be asked for  the master password that you set in the very beginning. You can have different Authentication credentials for each part of your QGIS life. I might have one for PostgreSQL, SQL Server, Geoserver, etc.

So what happens after it’s set – let me connect to a table in postgis after setting up my connection:

and I connect:

Notice my password and login are now hidden by the Authcfg ID – which I let default to some alphanumeric combination. Maybe you don’t want it to default (which will be part 2’s discussion).

Why worry about it? Maybe you are in a corporate environment and your password into things is a bit important. Maybe you are hitting web services and have a PKI Certificate.

So – if you want all the information go here  because I have no doubt missed something or confused some aspect of the explanation. Like I said – all of this started with me going “Hey you should….” and the client going “WHAT”.

Security – it’s not overrated.

Subscribe to the Newsletter!


 

You may also like

TNGIC 2024

TNGIC 2024

So - if you're coming to the 2024 TNGIC (TN Geographic Information Council) meeting (April 9-11 2024) to talk about how no one understands what you do......I'm doing a workshop. What workshop? It's a new workshop. QGIS and LIDAR data. As to what I do with the class...

iNaturalist and QGIS

I am probably the worst for being able to properly name "things". There are big trees and little trees. There are the annoying bugs and the not so annoying bugs. There are ducks, birds, bigger birds, and the birds that hang out at my bird feeder. As much time as I...

Mergin Maps and DB Sync

Mergin Maps and DB Sync

I don't know if I would label this exercise as fun but I've learned alot. I don't do a ton of data collection these days. At one time a few years ago I was out in the field with Fulcrum, a laptop, and sketchy internet for days at a time. These days I'm hardly ever...