-------- Original message -------- From: John Mark Vandenberg jayvdb@gmail.com Date: 15/06/2014 08:19 (GMT+00:00) To: Pywikipedia discussion list pywikipedia-l@lists.wikimedia.org Subject: [Pywikipedia-l] Secret management

We have four sets of cleartext passwords (http & proxy & db), and secrets such as various API keys and mw cookies and edit tokens.

The passwords are stored in two files in clear text (user-config.py and. passwd). Other secrets are in cached api files, etc.

I would like to introduce an optional dependency on a library to manage (some of?) these secrets. The current secret storage would continue to work correctly.

The keyring package is the obvious candidate. Any objections or improvements on that?