Hiding Secret Keys and Passwords in Python

Shivam Verma
3 min readMar 17, 2021
Google Images

Whenever you upload your project or code on your GitHub containing some secret keys and passwords, and if that repo is public, remember that the users running the file will have at least read access to it and can easily grab the passwords. Always think about security very carefully, it’s important. E.g., you have to always hide your secret keys in a Django application, google OAuth credential keys or tokens, etc.

I will straightforwardly guide you. After this tutorial, you will be able to hide your passwords from anyone who opens your project on github.

We will make a sample python file let’s say temp.py, and try hiding the password in it.

Take this code, for example; if I upload this code on Github, obviously, I don't want other people to see the password contained in my .py file.

I will need the config function found in the ‘decouple’ module in python to hide the password. To install this module, run the following command on your terminal:

pip install python-decouple

--

--

Shivam Verma
Shivam Verma

Written by Shivam Verma

SWE @Microsoft || Building @shop2app || prev intern @daveai, @plunes & @rivi || Interview Preparation with me at https://topmate.io/shivam_verma10

Responses (9)