Choosing an encryption key and hardcoding it in a repo is as bad as not having encryption

[terev]

https://github.com/natewong1313/bird-bot/blob/0a76dca2157c021c6cd5734928b1ffcf46a2b3b2/utils.py#L15

This key should really be a strong password chosen by the user and input every time the app is run to decrypt profile info. Preferably the user should be prompted for this key any time data is used.

[terev]

This is an implementation of ransomware waiting to happen until you rely on the user to supply the encryption key

[terev]

@yulayula16 what would look like an exploit?