[Development] Important: Gerrit login will require MFA starting on Wednesday, 26 February 2025

[Jukka Jokiniva]

These security improvements are now live.

MFA will be required for Gerrit use starting from your next login. Please note that once MFA has been activated, it will apply to all QtAccount logins. This includes services such as Bugreports and the Customer Portal.

  --Jukka Jokiniva, Gerrit Admin

From: Development <development-bounces at qt-project.org> on behalf of Jukka Jokiniva via Development <development at qt-project.org>
Date: Wednesday, 19. February 2025 at 13.17
To: qt-dev <development at qt-project.org>
Subject: [Development] Important: Gerrit login will require MFA starting on Wednesday, 26 February 2025
Hi Qt Project Contributors,

As discussed in Contributors Summit 2024 (https://wiki.qt.io/Cyber-Security_and_implications_on_the_Qt_Project), the following changes will be made on Wednesday, 26 February 2025:
* Require Multi-Factor Authentication (MFA) for all Gerrit users.
* Lock Gerrit accounts of inactive approvers. An approver is considered inactive if they have not logged into their Qt Account within 6 months. Notification email will be sent 1 month before locking, and the process can be stopped simply by logging in.
* Remove approver rights after 12 months of inactivity. Rights can be recovered by requesting them from Gerrit Admins.

To activate MFA already now, please visit your Qt Account (https://account.qt.io) and navigate to the My Profile page.
If you have not activated MFA by 26 February 2025, you will be redirected to the MFA activation page during your next Gerrit login.

In case of login issues, please contact gerrit-admin at qt-project.org

  --Jukka Jokiniva, Gerrit Admin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.qt-project.org/pipermail/development/attachments/20250226/db6bc3af/attachment.htm>