Ask HN: How do you store credentials to external services?
My current project involves sending e-mail and SMS, and receiving responses from users over the same channel. To connect the external providers, I have accounts with passwords.
Currently those passwords are just stored in plaintext in the source code, which feels slightly unsafe. I tell myself that the fear is completely unfounded and that if someone were to get access to the source code of the app, their ability to look at the passwords of external services will be a very small part of the problem. However, I feel it is prudent to ask before I move on:
Where do you store passwords for external services?
Thanks.
3 comments
[ 4.5 ms ] story [ 17.0 ms ] threadShould I bother with encrypting that file, or plaintext is fine?