[Interest] QML and sensitive data

Roland Hughes roland at logikalsolutions.com
Thu Sep 5 14:28:04 CEST 2019

On 9/5/19 5:00 AM, Alexander Ivash wrote:
> Thank you for fast response, but my question is purely about QML. On
> C++ side I have a lot of ways for nullifying / erasing sensitive
> information*after*  it is not needed (let say after particular QML
> screen gets' closed). But on QML / JS side I have no any control at
> all. Would be great if one of QML guys could step in and comment too.

The correct solution is to never use QML for anything. It's a needless 
burden on the processor _and_ it's insecure. Who wouldn't want to write 
everything with that???

Thiago tried to point you in the correct direction, but I think you 
missed it. All data must be owned by C++. Never use Q_PROPERTY() so you 
can control the lifespan and communications.

I'm guessing you prompt for a username &/or password and have one 
control enter the entire thing. Upon success you navigate to a new 
dialog/screen/whatever and the insecure luggage is left laying around.

You can "solve" this problem architecturally by not doing that.

Cheap hack #1: assign both fields new values once validated, say "*****" 
and force screen update before navigating away.

A much better solution would be to have your own entry control which 
sends each character back to C++ and displays first a string with that 
character, then after 1-3 seconds changes all visible characters to a * 
so the string in QML never contains the complete username or password. 
Perform all validation logic within C++ and have C++ own the data. Let 
QML be no more than a screen surface.

The best solution would be to use Widgets.

Roland Hughes, President
Logikal Solutions
(630)-205-1593  (cell)

More information about the Interest mailing list