I am setting up a MySql database for my Django web app. Nothing special, I just follow the guide.
I don't want to write the password in the settings.py file. I am thinking of leaving it in a text file and add a few lines in the settings.py file to read it.
I would remove the read and write permission for "group" and "other" with chmod - only my user should be able to read the file... and my password will be safe, right?
Is this set up "safe enough"? Is there a better way to protect the password?
Thanks for your help!