What’s the Best Way to Handle API Keys and Passwords in Python on Windows Server?

0
8
Asked By CleverCactus42 On

I'm currently working with Python on a Windows Server and I'm looking for the best way to manage my API keys and passwords without hardcoding them into my application. Is using python-dotenv still considered the best practice for this in 2026? Thanks for any advice!

6 Answers

Answered By ConfigFan12 On

Could you clarify if this is for local development or for staging/production environments?

Answered By CautiousCoder47 On

I personally prefer using python-decouple. Not sure if it's the absolute best though.

DebateJunkie23 -

The last update was a couple of years ago, so it might be getting a bit stale.

Answered By BugBuster21 On

One interesting approach I saw was from a source called Internet of Bugs. They suggest deploying the .env file temporarily during deployment and then deleting it right after. Worth a look!

Answered By WisdomSeeker8 On

Honestly, dotenv might not be the best choice anymore. For a well-secured system, it's ideal to pull secrets from a centralized secret management system to keep sensitive information off disk entirely.

SecureSavvy1 -

But how do you authenticate with the secret manager service?

TechNerd99 -

So, is it something like a service ticket from Kerberos?

Answered By PlainTextGuard On

I keep my credentials in a config.ini file. It’s straightforward for me.

JokingJasmine -

Lol, that's not the most secure method!

Answered By KeyMaster88 On

Have you checked out keyring? It can help manage your credentials securely and is worth considering!

Related Questions

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.