This post is > 3 years old. Buyer beware

Don't keep sensitive settings in

If you are checking your into your git repository you must make sure you aren’t including any potentially sensitive information such as database passwords, secret keys and so on.

A quick and easy way to avoid this is to create a separate file:

  'ENGINE' : 'django.db.backends.postgresql_psycopg2',
  'NAME' : 'dbname',
  'USER' : 'dbusername',
  'PASSWORD' : 'dbpassword'
SECRET_KEY = '...'

and import it in your

from private import *
# ...

while blocking it via your .gitignore