Remove reference to Dashboard Credentials (#8974)

* Remove reference to Dashboard Credentials Remove reference to Dashboard Credentials on 4/30 when this workflow is deprecated. * Remove dashboard creds copy from vscode guide * Remove faq for social login and sftp creds * Remove reference to dashboard creds auth in build tools setup guide * Remove reference to dashboard creds in wordpress git intro * Update copy for site access after removing ssh keys * Copy edits for dashboard creds release notes - not just sftp impacted * Remove reference to git auth via dash creds * Remove dash creds mentioned in multisite configure guide * Copy edits around dash creds auth * Update product screenshots of connect with sftp dropdown * Update copy in wordpress git guide --------- Co-authored-by: Rachel Whitton <rachel@pantheon.io>
pantheon-systems · May 2, 2024 · f3648cd · f3648cd
1 parent 7be29ff
commit f3648cd
Show file tree

Hide file tree

Showing 15 changed files with 26 additions and 41 deletions.
diff --git a/source/content/certification/study-guide-cms/06-deploy.md b/source/content/certification/study-guide-cms/06-deploy.md
@@ -172,7 +172,7 @@ You can take full advantage of Pantheon by loading your public SSH key into your
 Pantheon does not provide access to a shell environment over SSH. These directions allow you to have passwordless access if you configure Git, SFTP, or Drush to use SSH keys.
 </Alert>
 
-SSH keys provide a secure and convenient way for users to interact with a Pantheon site. SSH does not provide root access to the server. However, using an SSH key is more convenient than typing your dashboard password every time you issue a Git command on a Pantheon site.
+SSH keys provide a secure and convenient way for users to interact with a Pantheon site. SSH does not provide root access to the server.
 
 In this section, we will walk through the process of generating SSH keys and adding a public key to your Pantheon dashboard. First, you will generate a pair of keys on your local development machine.
 

diff --git a/source/content/guides/build-tools/02-create-project.md b/source/content/guides/build-tools/02-create-project.md
@@ -46,7 +46,7 @@ Ensure you have the latest versions of Terminus and the Terminus Build Tools plu
     Terminus 3.0.1
     ```
 
-1. [Add an SSH key](/ssh-keys) in your Personal Workspace to enable passwordless access and avoid authentication prompts. Otherwise, provide your Pantheon Dashboard credentials when prompted.
+1. [Add an SSH key](/ssh-keys) in your Personal Workspace.
 
 1. [Generate a Pantheon machine token](https://dashboard.pantheon.io/machine-token/create), then authenticate Terminus.
 
@@ -63,9 +63,9 @@ The Build Tools plugin will prompt you to create access tokens for the services
 - [GitHub](https://github.com/settings/tokens): The GitHub token checks for the following scopes:
 
   - `repo` (required)
-  
+
   - `delete-repo` (optional)
-  
+
   - `workflow` (required if using Github Actions)
 
 - [CircleCI](https://circleci.com/account/api): No scopes are configurable for this token.
@@ -78,7 +78,7 @@ The Build Tools plugin will prompt you to create access tokens for the services
 
   - `write_repository`
 
-- [Bitbucket](https://bitbucket.org/account/settings/app-passwords/): A Bitbucket app password requires the following scopes: 
+- [Bitbucket](https://bitbucket.org/account/settings/app-passwords/): A Bitbucket app password requires the following scopes:
 
   - `Projects` (read)
 

diff --git a/source/content/guides/drush/06-drush-aliases.md b/source/content/guides/drush/06-drush-aliases.md
@@ -22,7 +22,7 @@ Downloading the Pantheon aliases to your local Drush aliases file allows you to
 
 1. Use [Terminus](/terminus) to download your Drush aliases.
 
-1. Authenticate Terminus with [machine tokens](/machine-tokens) or your Pantheon Dashboard credentials, then update your local aliases file in a single step:
+1. Authenticate Terminus with [machine tokens](/machine-tokens), then update your local aliases file in a single step:
 
   ```bash{promptUser: user}
   terminus aliases
@@ -84,7 +84,7 @@ Note that these are both "wildcard" aliases. The same wildcard alias is used for
 
 ### Policy Files
 
-Pantheon uses policy files to validate aliases before they are used. Policy files are written by the `terminus aliases` command. 
+Pantheon uses policy files to validate aliases before they are used. Policy files are written by the `terminus aliases` command.
 
 - The Drush 8 policy file is written to `$HOME/.drush/pantheon/drush8/pantheon_policy.drush.inc`. Do not delete this file.
 
@@ -145,4 +145,4 @@ You can create strict control policies for your Drush aliases.
 ## More Resources
 
 - [Terminus Guide](/terminus)
-- [Pantheon YAML Configuration Files](/pantheon-yml)
+- [Pantheon YAML Configuration Files](/pantheon-yml)
diff --git a/source/content/guides/multisite/03-config.md b/source/content/guides/multisite/03-config.md
@@ -60,9 +60,9 @@ Make sure [Terminus](/terminus) is installed and [authenticated](/terminus/insta
 
 1. Navigate to **<Icon icon="code" /> Code** in the **<Icon icon="wrench" /> Dev** tab of your Site Dashboard.
 
-1. Click **Connect with SFTP** to access the credentials for connecting to your preferred SFTP client.
+1. Click **Connect with SFTP**.
 
-1. Click **Open SFTP client**, and enter your password when prompted.
+1. Click **Open SFTP client**.
 
   If you run into issues, please refer to Pantheon's [SFTP documentation](/guides/sftp/sftp-connection-info).
 
@@ -109,9 +109,9 @@ Complete the steps below after spinning up a new WPMS site from the correct Cust
 
 1. Navigate to **<Icon icon="code" /> Code** in the **<Icon icon="wrench" /> Dev** tab of your Site Dashboard.
 
-1. Click **Connect with SFTP** to access the credentials for connecting to your preferred SFTP client.
+1. Click **Connect with SFTP**.
 
-1. Click **Open SFTP client**, and enter your User Dashboard password when prompted.
+1. Click **Open SFTP client**.
 
   If you run into issues, please refer to Pantheon's [SFTP documentation](/guides/sftp/sftp-connection-info).
 

diff --git a/source/content/guides/sftp/05-vscode-sftp.md b/source/content/guides/sftp/05-vscode-sftp.md
@@ -50,7 +50,7 @@ The SFTP extension for VS Code allows you to upload code to the Pantheon Dev or
   }
   ```
 
-1. Include the path to your [SSH Key](/ssh-keys) if you have one added to your Pantheon account. If you aren't using a key, you'll be prompted to enter a password when using SFTP. Refer [Dashboard Credentials](/sftp#dashboard-credentials) for more information.
+1. Include the path to your [SSH Key](/ssh-keys).
 
   ```json:title=sftp.json
   {
@@ -90,4 +90,4 @@ The SFTP extension for VS Code allows you to upload code to the Pantheon Dev or
 
 ## More Resources
 
-- [Local Development on Pantheon](/guides/local-development)
+- [Local Development on Pantheon](/guides/local-development)
diff --git a/source/content/guides/sftp/08-troubleshooting-sftp.md b/source/content/guides/sftp/08-troubleshooting-sftp.md
@@ -31,10 +31,6 @@ If you **cannot** access that web page then your network or firewall is likely p
 
 If you **can** access that web page on port `2222` then your issue does not appear to be network or firewall related. Be sure to double-check or re-enter your [SFTP settings](/guides/sftp/sftp-connection-info), including SFTP mode and port `2222`. [Contact Pantheon Support](/guides/support/contact-support/) if you still have trouble.
 
-### I registered my Pantheon account via Google. How do I connect to SFTP?
-
-We recommend [adding an SSH Key](/ssh-keys) for extra security. If you've registered via social login (Connect with Google) and you'd still like to add a password to your account, logout and visit [https://dashboard.pantheon.io/reset-password](https://dashboard.pantheon.io/reset-password)
-
 ### I can't write to my codebase on Test or Live.
 
 This is part of the [Pantheon WebOps workflow](/pantheon-workflow) that keeps code and content safe. Please see [Using the Pantheon Workflow](/pantheon-workflow#understanding-write-permissions-in-test-and-live) for more information.
@@ -134,4 +130,4 @@ Unfortunately, no permanent solution has been found aside from changing Internet
 
 - [Domain Name System](/guides/domains/dns)
 - [Port 2222 Blocked Workaround](/guides/sftp/port-2222)
-- [SERVER_NAME and SERVER_PORT on Pantheon](/server_name-and-server_port)
+- [SERVER_NAME and SERVER_PORT on Pantheon](/server_name-and-server_port)
diff --git a/source/content/guides/wordpress-git/01-introduction.md b/source/content/guides/wordpress-git/01-introduction.md
@@ -53,7 +53,7 @@ Make sure that you have a:
  | [Cyberduck](https://cyberduck.io/)          |        [Sublime](https://www.sublimetext.com/)       |
  | [WinSCP](https://winscp.net/eng/index.php)  | [Atom](https://atom.io/)              |
 
-Demonstrations throughout this guide use Atom and Transmit. For fastest development, choose an SFTP client that uploads on save, and allows you to authenticate with an [SSH key](/ssh-keys). Creating a key takes a few minutes and handles the server authentication for you. Alternatively, you can use your Pantheon account password to sign in, when prompted.
+Demonstrations throughout this guide use Atom and Transmit. For fastest development, choose an SFTP client that uploads on save, and allows you to authenticate with an [SSH key](/ssh-keys). Creating a key takes a few minutes and handles the server authentication for you.
 
 Visit our guide to [Configure Visual Studio Code](/guides/local-development/visual-studio-code) to edit and sync code from within the text editor.
 

diff --git a/source/content/guides/wordpress-git/03-themes.md b/source/content/guides/wordpress-git/03-themes.md
@@ -46,7 +46,7 @@ This lesson demonstrates how to utilize Git while developing over SFTP with a lo
 
    1. Copy the value provided by Pantheon for **Host** and paste into Transmit's **Address** field. Do the same for **Port** and **Username**.
 
-   1. Click the key icon next to the **Password** field to add your private SSH key, or authenticate using your Pantheon Dashboard password.
+   1. Click the key icon next to the **Password** field to add your private SSH key.
 
    1. Click **Connect**:
 

diff --git a/source/content/migrate-manual.md b/source/content/migrate-manual.md
@@ -240,7 +240,7 @@ The codebase for each CMS upstream offered by Pantheon can be found on GitHub:
   Automatic merge went well; stopped before committing as requested
   ```
 
-  If you haven't already configured [SSH Keys](/ssh-keys), authenticate using your Pantheon Dashboard credentials when prompted for a password.
+  If you are prompted for authentication, configure an [SSH Keys](/ssh-keys).
 
 1. Review your current index using `git status`, then commit all changes.
 

diff --git a/source/content/partials/auth.md b/source/content/partials/auth.md
@@ -15,15 +15,3 @@ reviewed: ""
 Pantheon does not provide access to a shell environment over SSH. These directions allow you to have passwordless access if you configure Git, SFTP, or Drush to use SSH keys.
 
 You should load your public SSH key into your account to take full advantage of Pantheon. SSH keys are a best practice for authentication, allowing you more security than a simple password. You only have to configure this once, no matter how many sites you work on. Refer to [Generate and Add SSH Keys](/ssh-keys) for more information.
-
-### Dashboard Credentials
-
-Use your **Pantheon Dashboard** login password if you are prompted for a password when connecting to the platform.
-
-<Alert title="Heads Up!" type="danger">
-
-Dashboard Credentials as an authentication method will be retired on Apr 30, 2024. Please refer to the steps above to authenticate SFTP via SSH keys.
-
-</Alert>
-
-Larger agencies with multiple developers using password authentication to login may see access issues across the workspace. We strongly recommend using SSH keys to avoid potential authentication failures. Refer to [Pantheon Workspaces FAQs](/guides/account-mgmt/workspace-sites-teams/workspaces#why-do-login-attempts-fail-for-all-users-across-my-organization-simultaneously?) more information.
diff --git a/source/content/ssh-keys.md b/source/content/ssh-keys.md
@@ -163,8 +163,7 @@ You can use your Dev environment to clone your site code to your workstation:
 ![Delete SSH Key](../images/dashboard/remove-ssh-key.png)
 
 ### Site Access After Removing Keys
-
-You can still access the sites if you have active sites and no keys remaining. Make site changes via SFTP or Git using your account password to authenticate. If you sign in through Google and haven't defined a password, you can set one on the [Reset Password](https://dashboard.pantheon.io/reset-password) page.
+After removing SSH Keys from your user account, you will not be able to interact with the application and codeservers directly through command line interfaces like Git, SFTP, WP-CLI, and Drush. However removing SSH keys is separate from revoking the machine tokens used by Terminus to perform actions (e.g., creating Multidev environments) that can otherwise be done in the Pantheon Site Dashboard.
 
 ## Troubleshooting
 

diff --git a/source/content/visual-studio-code.md b/source/content/visual-studio-code.md
@@ -99,7 +99,7 @@ Make sure your site is in [SFTP mode](/guides/sftp) before uploading code via SF
   }
   ```
 
-1. If you have an [SSH Key](/ssh-keys) added to your Pantheon account, include the path to it:
+1. Include the path to your [SSH Key](/ssh-keys):
 
   ```json:title=sftp.json
   {
@@ -115,7 +115,7 @@ Make sure your site is in [SFTP mode](/guides/sftp) before uploading code via SF
   }
   ```
 
-  If you aren't using a key, you'll be prompted to enter a password when using SFTP. See [Dashboard Credentials](/guides/sftp) for more information.
+  An SSH Key is required when connecting via SFTP. See [SFTP Access and Authentication](/guides/sftp/sftp-connection-info) for more information.
 
   <Alert title="Warning" type="danger">
 

diff --git a/source/images/dashboard/sftp-connection-info.png b/source/images/dashboard/sftp-connection-info.png
diff --git a/source/images/guides/git-wordpress/sftp-connection-mode.png b/source/images/guides/git-wordpress/sftp-connection-mode.png
diff --git a/source/releasenotes/2024-04-17-sftp-authentication-changes.md b/source/releasenotes/2024-04-17-sftp-authentication-changes.md
@@ -1,11 +1,13 @@
 ---
-title: "SFTP access to require SSH keys starting April 30, 2024"
+title: "Dashboard Credentials deprecated as an authentication method for site connections starting April 30, 2024"
 published_date: "2024-04-17"
 categories: [action-required, deprecated]
 ---
 
-Pantheon is updating our SFTP access control, requiring the use of SSH keys starting <strong>April 30, 2024</strong>. Access via Pantheon usernames and passwords will be disabled.
+Pantheon is updating our platform access control, requiring the use of SSH keys starting <strong>April 30, 2024</strong>. Connecting to and interacting with remote Pantheon environments via your Pantheon dashboard credentials will be disabled.
 
-You'll still access the web dashboard with your username/password or Single Sign-On, but SFTP access (e.g., via terminal or applications like Filezilla or Cyberduck) will need an [SSH key](/ssh-keys).
+You'll still login to the Pantheon dashboard in the browser with your username/password or Single Sign-On, but connecting to and interacting with a given Pantheon site environment will require an [SSH key](/ssh-keys).
+
+This applies when connecting to Pantheon containers from the terminal (Git, SFTP, rsync, Drush, WP-CLI) as well as local applications like SFTP clients (Filezilla and Cyberduck).
 
 We are making this change to maintain a secure and reliable platform. Learn how to configure your SFTP client with SSH keys in our [documentation](/guides/sftp/sftp-connection-info#authenticating).