It struck me that my recaptcha keys and mail password are stored in db.py as plain text. At least under fluxflex hosting this file is stored in public_html. Am I right that this poses a privacy and security problem, or am I missing a safety feature?
I'm also wondering about this kind of information in the app files when I upload them to my (public) github repo. How do people handle obscuring that private information without crippling the app on the repository? As you can tell I'm new to a lot of this. Thanks. Ian
