Well, one way to do this is to put the passwords in a separate config / ini file, which is not deployed with the project. Then pass the path of this file to the main input of the application, for example:
python main.py --config=/path/to/config.ini
Note that you need to parse this --config argument (see argparse ) and then read and parse the config.ini file.
Update : Since you mentioned web applications, there is another way to pass configuration information - via environ . For example, if you use mod_wsgi , you can putt this in wsgi directives:
SetEnv my_namespace.some_param some_value
And then this value will be available in the application using os.environ :
import os os.environ['my_namespace.some_param']