[Development] Important: Upcoming Changes to Qt Project Contribution Security
Jukka Jokiniva
Jukka.Jokiniva at qt.io
Tue Jan 28 14:52:24 CET 2025
Hi Qt Project Contributors,
As discussed in Contributors Summit 2024 (https://wiki.qt.io/Cyber-Security_and_implications_on_the_Qt_Project), the following changes are now under implementation:
* Require Multi-Factor Authentication (MFA) for all Gerrit users.
* Lock Gerrit accounts of inactive approvers. An approver is considered inactive if they have not logged into their Qt Account within 6 months. Notification email will be send 1 month before locking, and the process can be stopped simply by logging in.
* Remove approver rights after 12 months of inactivity. Rights can be recovered by requesting them from Gerrit Admins.
The exact schedule for the deployment is still open, but we expect these changes to take place in the coming months.
To activate MFA already now, please visit your Qt Account (https://account.qt.io) and navigate to the My Profile page.
--Jukka Jokiniva, Gerrit Admin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.qt-project.org/pipermail/development/attachments/20250128/ac7c5a97/attachment.htm>
More information about the Development
mailing list