To 'nudge' researchers to be carefull with respondent data, it is possible
to set a data-password. This will change researcher downloads from .json
or .csv files to zipped versions of these files protected with the
specified password.
Things to note:
- The zipfiles use AES encryption, which is stronger, but not supported by default on many operating systems. Use OS specific software that suppports this encryption, for example:
- Linux: PeaZip
- Max OSX The Unarchiver
- Windows: 7zip
-
Long passwords help create better protected files, but never consider password protected zipfiles to be 'unbreakable'. They protect only to layman users, not motivated attackers.
-
You can use a secret-manager to avoid putting the password direcly into CLI arguments or environment variables.
- Using environment variables:
# enable access to the researcher interface by
# setting basic authentication
export OSD2F_BASIC_AUTH="admin;testpassword"
# set the password
export OSD2F_DATA_PASSWORD=<your password>
# start the server
osd2f -m Development -vvv- Using a CLI command
# enable access to the researcher interface by
# setting basic authentication
export OSD2F_BASIC_AUTH="admin;testpassword"
osd2f --download-password <your-password> -m Development