Currently, the API key is stored in the config file. The only way to "protect" it is to use file permissions, full disk encryption etc. But most people will not do that, so I think other methods should be offered.
Options:
Store the key encrypted & prompt for a decryption password (Py cryptography module, gpg etc)
Pull from Password Manager e.g. 1Password, Bitwarden
Currently, the API key is stored in the config file. The only way to "protect" it is to use file permissions, full disk encryption etc. But most people will not do that, so I think other methods should be offered.
Options:
Open to other ideas...