Open GoogleCodeExporter opened 9 years ago
Interesting idea. It's always a good idea to try to store credentials securely
in the OS's common encrypted store (e.g., the OS X keychain). In my experience,
though, it's generally seen as "good enough" to use an API key that can be
easily revoked (instead of a real password as MusicBrainz uses) and to make
sure the file is not world-readable.
Maybe we can eventually convince the MusicBrainz folks to use an API key model.
Original comment by adrian.sampson
on 18 Feb 2013 at 11:21
Personally I'd prefer if there was some sort of crypto token that the
server generates & stored in state.pickle. Like OAuth.
Original comment by colin.p....@gmail.com
on 19 Feb 2013 at 1:06
Original issue reported on code.google.com by
colin.p....@gmail.com
on 18 Feb 2013 at 7:25