This is the website for an older EuroPython.

Rotating DB Passwords Without Breaking Your Django Server

Duration:
60 minutes

Abstract

This talk will focus on implementing a password rotation strategy for your database without disrupting your Django server or other applications that consume the database. Regular password rotation is a critical security practice, but it can pose challenges for applications and servers that rely on the password for access. We will discuss the importance of password rotation and explore the challenges of rotating passwords for a database in use by a Django server. We will also discuss several techniques for safely rotating database passwords, such as using connection pools and leveraging environment variables. By the end of the session, attendees will better understand the security risks associated with static passwords and how to mitigate those risks through password rotation while keeping their Django server and other applications running smoothly.

Poster

Software Engineering & Architecture

Description

Regular password rotation is a recommended security practice, but it can pose challenges for applications and servers that rely on the password for access. In this session, we will explore how to implement a password rotation strategy for your database without disrupting your Django server or other applications consuming the database.

We will discuss why password rotation is essential and how it can improve security posture. Next, we will explore the challenges that can arise when rotating passwords for a database used by a Django server, such as breaking application functionality or causing downtime.

We will then discuss several techniques for safely rotating database passwords, such as using database connection pools, decoupling credentials from code, and leveraging Django's built-in support for environment variables.

By the end of the session, you will understand the importance of regularly rotating your database passwords and how to do so without causing disruptions to your Django server or other applications that rely on your database. You will also better understand the security risks associated with static passwords and how to mitigate those risks through password rotation.


The speaker

Kuldeep Pisda


As someone passionate about technology, I have had the privilege of speaking at several international tech conferences, including APIDays India 2022, APISecure 2022, and DjangoCon US 2022. I was honored to have my proposal selected for DjangoCon US 2022, where I could share my insights with a global audience.

While I am grateful for my recognition, I know there is always more to learn and new perspectives to consider. Therefore, I approach each speaking opportunity as a chance to continue my learning and growth, as well as a chance to share my insights with others.

As a speaker, I aim to provide attendees with new ideas, fresh perspectives, and actionable insights. I strive to make my presentations engaging, educational, and thought-provoking, and I am always eager to hear feedback and incorporate new ideas.

I understand that I don't know everything, and I am humbled by the opportunity to learn from others. Being involved in the tech community is an ongoing journey, and I am eager to continue learning and growing however I can.