Glyph on the show to share his security fable as well as just good advice for keeping secrets out of Python code. Think about the different APIs and databases your applications work with. Each one of them requires either an API key or a database connection string that itself contains a password. How do you let your application access this sensitive information without storing it in source code?