Easy, put your password in a settings_secret.py file, do not import this file on your repository. Add: from settings_secret import mysql_password ... you're set :)
Brice 2009/12/21 fruity <fru...@freaknet.org>: > Hello, > > I'd like to protect the mysql password that is in settings.py > > I read in the django docs that is possible to use SHA1 hashes as > password for mysql and I've tried using mysql to salt and hash the > password but still if I would have my project on a public svn|git > repository anyone could just read sha1$salt$hash and reverse it. > > Is there any common practice to protect this password? For example to > have it into an external file sources by the settings.py and use a svn > or git ignore on it? > > Also, how do you generate the hash? via mysql? slappasswd? cracklibs? > And how do you escape weird chars in the salt? > > I've tried to add sha1$mysaltnoweirdchars$hash and it gives me error on > django release 1.1 > > Thank you very much for your time. > > fruity > > -- > > You received this message because you are subscribed to the Google Groups > "Django users" group. > To post to this group, send email to django-us...@googlegroups.com. > To unsubscribe from this group, send email to > django-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/django-users?hl=en. > > > -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
