Had an interesting situation where AI coding helped make something more secure.
I was writing a tool to connect to Azure AI, which requires an auth key. Some example code had this coming from an environment variable, which is a super common practice. So I asked AI if there was a way to make this more secure.
I was using Cursor, so it recommended (and implemented) a version where it securely prompted for the string at first launch and then stored the secret via keyring (Credential Manager on Windows).
Storing in keyring is far more secure, but realistically most people wouldn't do it by hand because the environment variable approach is "good enough." But because AI made it so easy, it actually got done.
=> More informations about this toot | View the thread | More toots from Lee_Holmes@infosec.exchange
text/geminiThis content has been proxied by September (3851b).