I am seeking advice on the best and most secure place to store API keys.
Recently, my OpenAI key was deleted because it had apparently been leaked, according to OpenAI.
Realizing that hard coding the key was not a smart idea, I have since moved to storing it in my hosted database and downloading it when my app starts.
This approach seems more flexible, as I can replace the key without needing to release a new app version if it changes again.
My question is: where is the best place to store sensitive information like API keys? Additionally, what other types of data can be stored online without compromising security?
I understand that no solution is perfect, but I want to make it as difficult as possible for the buggers to access this information.