Oops I Committed My Secret Key

July 20, 2016

420

Oops I Committed My Secret Key

Lightning talk given at DjangoCon US 2016

Philip James

July 20, 2016

Tweet

More Decks by Philip James

See All by Philip James

Frog and Toad Learn about Django Security - NBT6

0

27

The Elephant and the Serpent (PyLatam 2019)

0

69

Account Security for the Fashionable App Developer

1

70

All in the Timing: Side-Channel Attacks

0

67

0

46

All in the Timing: Side-Channel Attacks in Python

0

420

API-Driven Django

1

420

Type uWSGI; Press Enter; What Happens?

0

110

Type uWSGI; Press Enter; What Happens?

1

82

Other Decks in Technology

See All in Technology

SwiftDataを覗き見る

0

300

みんなでAI上手ピーポーになろう！ / Let’s All Get AI-Savvy!

0

200

SREの仕事を自動化する際にやっておきたい5つのポイント

6

880

会社紹介資料 / Sansan Company Profile

PRO

13

400k

かわいい身体と声を持つそういうものに私はなりたい

yoshimura_datam

0

390

さくらのクラウドでのシークレット管理を考える/tamachi.sre#2

1

210

フルカイテン株式会社エンジニア向け採用資料

0

10k

Oracle Cloud Infrastructure：2026年1月度サービス・アップデート

oracle4engineer

PRO

0

110

AI Agent Standards and Protocols: a Walkthrough of MCP, A2A, and more...

1

530

ファシリテーション勉強中その場に何が求められるかを考えるようになるまで / 20260123 Naoki Takahashi

PRO

3

360

3分でわかる！新機能 AWS Transform custom

1

140

AWS Amplify Conference 2026 - 仕様からリリースまで一気通貫生成 AI 時代のフルスタック開発

3

370

Featured

See All Featured

Stewardship and Sustainability of Urban and Community Forests

0

100

Testing 201, or: Great Expectations

46

7.9k

What Being in a Rock Band Can Teach Us About Real World SEO

0

160

Utilizing Notion as your number one productivity tool

2

200

Build your cross-platform service in a week with App Engine

234

18k

ピンチをチャンスに：未来をつくるプロダクトロードマップ #pmconf2020

128

55k

Designing for Performance

610

70k

150

16k

Building Adaptive Systems

44

2.9k

It's Worth the Effort

188

29k

Navigating Team Friction

192

16k

The innovator’s Mindset -  Leading Through an Era of Exponential Change - McGill University 2025

PRO

1

84

Transcript

Oops I Commi*ed My Secret Key Philip James @phildini h*ps:/
/www.wordfugue.com
$ django-admin.py startproject bestthingever $ git init $ git add
. $ git commit -m "Initial commit” $ git push origin master
None
Wait, have I?
YES. Signed Cookies Secure Sessions Password Reset Tokens
What do I do?
import os import warnings from django.core.exceptions import ImproperlyConﬁgured def get_env_variable(var_name):
""" Get the environment variable or return exception """ try: return os.environ[var_name] except KeyError: error_msg = "Set the %s env variable" % var_name if DEBUG: warnings.warn(error_msg) else: raise ImproperlyConﬁgured(error_msg)
SECRET_KEY = get_env_variable("SECRET_KEY")
How do I get a new key?
h*p:/ /www.miniwebtool.com/django-secret-key-generator/ $ python manage.py shell >>> from django.utils.crypto import
get_random_string >>> get_random_string(length=50)
What about my users?
OpOonal: No permanent key
Thanks. @phildini h*p:/ /bit.ly/secret-key Come back at 1:15PM for “Cat
on yer head”!