This is a collection of encryption libraries intended to encrypt and store passwords outside of source code.
Some advantages of keeping credentials out of source code are:
- Credentials are not passed around when source code is shared.
- Unintentional exposure of source code does not reveal credentials.
- Read-access to source code can be much more permissive.
- Source code can be checked into version control systems without concern for exposure of credentials.
- It is easier to change credentials without having to worry about changing all instances.
- Leaving credentials in source code leads to poor password management in general. If changing a credential requires you to change code, you are less likely to want to do it.
This project is IN PROGRESS. File bugs and feature requests.
License: MIT (see LICENSE file)
Copyright 2010, YELLOWPAGES.COM LLC Development by Neil Matatall [email protected]