# Python Quick Tip: Hiding Passwords and Secret Keys in Environment Variables (Windows) ## Метаданные - **Канал:** Corey Schafer - **YouTube:** https://www.youtube.com/watch?v=IolxqkL7cD8 - **Дата:** 01.02.2018 - **Длительность:** 4:38 - **Просмотры:** 182,594 - **Источник:** https://ekstraktznaniy.ru/video/12406 ## Описание In this Python Programming Tutorial, we will be learning how to hide passwords and secret information within environment variables on Windows machines. Hard-coding secret information is a common mistake that beginners make when learning Python. Hiding this information within environment variables allows you to access your secret information within your code without anyone else being able to see these values from your source code. Let's get started... The code from this video can be found at: https://github.com/CoreyMSchafer/code_snippets/tree/master/Python/Python-Environment-Variables Python Environment Variables (Mac & Linux): https://youtu.be/5iWhQWVXosU ✅ Support My Channel Through Patreon: https://www.patreon.com/coreyms ✅ Become a Channel Member: https://www.youtube.com/channel/UCCezIgC97PvUuR4_gbFUs5g/join ✅ One-Time Contribution Through PayPal: https://goo.gl/649HFY ✅ Cryptocurrency Donations: Bitcoin Wallet - 3MPH8oY2EAgbLVy7RBMinwcBntggi7qeG3 Ethereum Wallet - 0x1516494 ## Транскрипт ### Segment 1 (00:00 - 04:00) [] hey there how's it going everybody in this video we're just going to go over a quick tip showing how you can hide secret information in environment variables and then access that information from your python code so a couple of problems I see from people who are just getting started out is that they'll put information directly in their code that actually shouldn't be there so for example if they are working with databases or accessing an API and have a secret key then they'll have their passwords or secret Keys directly in their python script now the problem with that is that if you are working with a team of people or pushing your code to a repository of some kind then anyone who can see that code will also have access to that secret information so if you have that information saved in environment variables then you'll still be able to share your code but with your secret information saved on your local machine so let's see how we can do this so I have a script open here with some fake credentials and we can see that we have a fake database user and a fake database password um now this could also be a secret API key or any information that you don't want to share with everyone who has access to the code um so let's move these to environment variables Now setting environment variables is done differently on Windows and Linux machines and in this tutorial we'll be covering how to do this on Windows but if you're on a Mac or Linux machine then I have a separate video on how to do this on those operating systems as well and I'll leave a link to that in the uh the description section below if anyone has a need for that but if you're on Windows then we can set environment variables by navigating to the windows icon in the bottom left and clicking on that now we need to open up the control panel so I'm just going to search for that and then open up the control panel and from within here we need to open up system and security and then navigate to system and then within system in the left over here we need to go to Advanced system settings and then within this menu in the bottom right there is an environment variables button so if you click on that now within here we can add new user variables or new system variables now for our purposes user variables are going to be fine so we can add to those by clicking this new button here and now we can add our variables so we had a database user and a database password so I'll just type in uh all caps uh DB user now it doesn't have to be all caps but I like to have mine uh set as all caps so now I'll go back to the script here and I'll grab that DB user value and then paste that into our variable value and click okay and now let's also make the DB password so I'll do dbor pass and we will set that equal to the password from our script so I will copy that and paste that in and click okay and now you want to click okay down here at the bottom to save that and now after you've saved those you might need to restart your IDE or your Editor to get those changes to take effect so I'm in Sublime Text here so I'm going to close this down and then open this back up and now we can access our environment variables so to access these we're going to need to import the OS module so you can do that with import OS now we can access these uh variables by saying os. Environ now this is a dictionary so we can access the keys of that dictionary just by using the git method and then pass in the key that we want to access so we set this equal to DB user and now let's also do this for the password so I'll copy that line there and paste this in here and that was dbor pass so let's save that and now if we run that then we can see that we got the values that we set in our environment variables without them actually being hardcoded into our script so that's going to be a lot better for us since we no longer have to worry about our passwords or secret information being added to our source code so if you send someone this source code all they are going to see is this information right here okay so I think that's going to do it for this video uh like I said this is just a quick video addressing a problem that I see amongst people are just getting started out uh but hopefully now if you've run into this then you'll know how to get around that but if you do have any questions then feel free to ask in the comment section below and I will do my best to answer those and if you enjoy these tutorials and would like to support them then there are several ways you can do that the easiest way is to Simply like the video and give it a thumbs up and also it's a huge help to share these videos with anyone who you think would find them useful and if you have the means you can contribute through patreon and there's a link to that page in the description section below uh be sure to subscribe for future videos and thank you all for watching e