Swift Software Group

How to configure TortoiseHg to remember your username and password

I have been playing with Hg (Mercurial) lately to see if it would be feasible to move our projects at Primo Software from SVN (Subversion) to Mercurial. The things I am looking at are not just the version control capabilities, but also the tools that are available on Windows, Mac and Ubuntu. As part of the tools evaluation I have been playing with TortoiseHg, which seems to be the recommended Hg visual tool for Windows.

This post here is about configuring TortoiseHg to remember the username and password and not ask you for those when you do Pull/Push to a remote repository. In the example below I use a Hg repository hosted on bitbucket.org, but the same configuration should be valid for any other remote repository.

After you first clone your repository with TortoiseHg you end up with this in your Hg configuration file (i.e. your .hg/hgrc file):

[ui]
username = Valentin Kantchev <myemail@primosoftware.com>

[paths]
default = https://myusername@bitbucket.org/primosoftware/projectmap

If you do Push and Pull from TortoiseHg it will take your username from the repo URL under the [paths] config, but it will keep asking for your password every time you do this.

workbench_1

One of the solutions to this is to set your username and password in the TortoiseHg synchronization view:

workbench_2

Now it’s all good, but to make this work TortoiseHg creates a file called mercurial.ini under your Windows home directory, whichs is normally C:\Users\yourwindowsusername\. In my case the file had this inside:

# Generated by TortoiseHg settings dialog
[ui]
username = Valentin Kantchev <myemail@primosoftware.com>

[auth]
bitbucket.org.prefix = bitbucket.org
bitbucket.org.username = myusername
bitbucket.org.password = mypassword

The problem with this file is that the password is stored in it as clear text.

Fortunately there is an easy workaround for that: TortoiseHg comes bundled with a Keyring extension, designed for storing authentication passwords securely. However, the Keyring extension is not active by default. To activate it you have to add the following lines in your mercurial.ini file:

[extensions]
mercurial_keyring=

You can delete the password line under the [auth] section completely as it is not needed at this point. Your final mercurial.ini file should look like this:

# Generated by TortoiseHg settings dialog
[ui]
username = Valentin Kantchev <myemail@primosoftware.com>

[auth]
bitbucket.org.prefix = bitbucket.org
bitbucket.org.username = myusername

[extensions]
mercurial_keyring=

Now you can also remove your username from the repository URL. In the .hg/hgrc file in your local repository folder, change this: https://myusername@nullbitbucket.org/primosoftware/projectmap to this: https://bitbucket.org/primosoftware/projectmap

Your final .hg/hgrc file should look like this:

[ui]
username = Valentin Kantchev <myemail@primosoftware.com>

[paths]
default = https://bitbucket.org/primosoftware/projectmap

This completely removes all authentication info from your local repository folders. Your password is now stored in the Keyring and your user name is stored in C:\Users\yourwindowsusername\mercurial.ini. This way, for example, if you zip your local folder to send it to somebody you cannot accidentally send your source control authentication information with it.

Please note that after all changes TortoiseHg might ask you one more time for password. After that it will store and use the password from the Keyring.

Here is the last TortoiseHg screenshot. Notice that there is no authentication information visible anywhere:

workbench_3