How to secure paypal signature, username and password stored in app_config

Hi
I store paypal api username, password and signature as simple text in
config/app_config.yml. I would like to know whether this can be
protected , than just storing it as text which anybody can read from
app_config.yml.

Thanks
Tom

Hi
I am using app_config.yml exactly like
http://railscasts.com/episodes/143-paypal-security
Please help

Thanks

If you plan on encrypting it, you’ll need to store the encryption key
somewhere. Someone who has access to your app_config.yml file would
probably
also have access to wherever you stored the encryption key.

So you probably could encrypt it, but it wouldn’t really be solving
anything.

Why not just worry about not letting those who shouldn’t see the
username
and password have access to view app_config.yml?

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs