faraz176 / My_Website

0 stars 0 forks source link

Security Issue with SECRET_KEY and Password #1

Open zaharaKlein opened 3 years ago

zaharaKlein commented 3 years ago

Hello. My english not that very good. You have big issue with password exposed in file "Django User.Pass.text". Remove very quick or website will be hacked by admin log in. Use git rm User.Pass.txt in that directory to delete file and then commit and push to remote repo.

Also, your SECRET_KEY is exposed. It is in the settings.py in portfolio_tutorial. You need to do environment variable or good hackers will get password salt and crack all passwords. Watch this video: https://www.youtube.com/watch?v=IolxqkL7cD8

By the way, pictures of hot chicks are VERY hot! Nice supa_hot and chickhot. Good taste. image_2021-07-14_225007

Good luck!

zaharaKlein commented 3 years ago

You should watch CoreySchafer. He is better than realpython tutorials: https://www.youtube.com/watch?v=UmljXZIypDc.

faraz176 commented 3 years ago

Hello. My english not that very good. You have big issue with password exposed in file "Django User.Pass.text". Remove very quick or website will be hacked by admin log in. Use git rm User.Pass.txt in that directory to delete file and then commit and push to remote repo.

Also, your SECRET_KEY is exposed. It is in the settings.py in portfolio_tutorial. You need to do environment variable or good hackers will get password salt and crack all passwords. Watch this video: https://www.youtube.com/watch?v=IolxqkL7cD8

By the way, pictures of hot chicks are VERY hot! Nice supa_hot and chickhot. Good taste. image_2021-07-14_225007

Good luck!

Thank you! I will take care of it