Whenever possible, you should find ways to authenticate your scripts without the use of passwords. In a corporate setting, for instance, LDAP can be used for (say ...) MySQL authentication and authorization. There are no passwords in the script itself. The same thing can be done for SSH and even for web sites. The control is not based on "secrets," but rather central management.
|