Files
OpsLog/wiki/Security.md
T
2026-07-09 16:51:57 +02:00

919 B

Security

Secret vault

Opt-in passphrase encryption of the stored passwords (QRZ, cluster, eQSL, SMTP, Icom network, etc.) using AES-GCM + PBKDF2.

  • Enable it in Settings; you set a passphrase.
  • Encrypted values are marked enc:v1: and are portable (they travel with the data/ folder).
  • A single unlock prompt at launch decrypts them for the session.

If you forget the passphrase, the encrypted secrets can't be recovered — re-enter them.

What OpsLog sends where

  • Callsign lookups go to QRZ.com / HamQTH with your credentials.
  • QSL uploads/downloads go to the services you configure (LoTW via TQSL, QRZ, eQSL, ClubLog, HRDLog).
  • Telemetry is a once-a-day anonymous heartbeat (random install ID + version
    • OS — no callsign, no QSO data). Opt out in Preferences.
  • Everything else stays local (or on your own MySQL / web server for the multi-op live status).