Secure password in an open source project

Question

Secure password in an open source project

I was thinking of starting an open source project on github, but I have no idea how to hide my passwords that I use when developing! because even if I change them, people will be able to see it in the commit history when I changed my password and then used it! now I am doing some kind of webmail with PHP and I am using my personal password. What are your suggestions?

+4

version-control passwords

TooCooL Apr 05 '11 at 20:35

source share

2 answers

Emil sit · Answer 1 · 2011-04-05T20:42:16+0000

Typically, this approach will be to isolate your passwords in the configuration files and not check the deployment configuration files. Instead, you will leave them to the side and apply them to your local working copy after the fact. Many projects will have template configuration files that you can fill out for starters.

See, for example, WordPress: http://core.trac.wordpress.org/browser/trunk/wp-config-sample.php

bmargulies · Answer 2 · 2011-04-05T20:40:32+0000

Make your code read password from a properties file that you are not passing a git repo to.

Secure password in an open source project

More articles: