My app uses a library to send emails to a pre defined mailbox.
In my Constants file I have defined my smtp host, smtp username and smtp password.
The problem is, the password is in plain text.
How can I store it safely?
This a preview of my Constants.kt
file:
const val SMTP_HOST = "smtp.gmail.com"
const val SMTP_USER = "[email protected]"
const val SMTP_PASSWORD = "123456"
CodePudding user response:
In my view, a safer way is to unbind this "frontend" and make the application consume a service from the backend and it is responsible for doing this email. And on the backend you put the password as an environment variable or encrypt it in some database
CodePudding user response:
A better way would be to store your password in an env var and load it:
val SMTP_PASSWORD = System.getenv("PASSWORD")
Also, the topic has been discussed extensively on SO (here, for example).
CodePudding user response:
You can keep your sensitive information on your .env file and you shouldn't send it to version control system and change it in the staging / production area.