Securely use psycopg2


I am a PostgreSQL user and would like to use psycopg2 to read in query data into a Jupyter notebook as dataframe.

My question here is: How can I store the credentials securely and use them in this case?

Hi thomas.meissnerб

Secure storage of accounts is a fairly broad question. Here are a few solutions to this.

  1. Use a separate .py file where accesses are located. It must be in the gitignore file and if by some mistake you uploaded it to Git then all accesses must be changed. Git stores everything.
    And import this file as other modules
  2. using environment variables to store accesses, here difficulties arise when transferring the script to another machine since you need to re-write the environment variables. Also difficulties may arise when using different virtualenv python since you need to write logic that would load different environment variables for different virtualenv.
  3. Use Doсker containers where the environment variables are sewn into the container

These are some of the most common storage methods. You can find others, such As base64 encoding or other methods. But since in the end you need to write the decoding logic, there is still a chance that hackers will get your data.

1 Like