id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
19679	"Default ""settings.py"" does not adequately describe ""SECRET_KEY"""	retail79174@…	nobody	"In Django 1.3.4, after creating a project, the file ""settings.py"" contains the comment
    # Make this unique, and don't share it with anybody.
for ""SECRET_KEY"".  This is not clear for several reasons:

    1. It implies that the Django administrator has to do something to make it unique,
    2. Does not describe if and when it should ever be edited, and
    3. ""don't share it"" is ambiguous, especially for non-native English speakers.

The message should be changed to something like:

    # This secret key was randomly-generated when you created your project; it is
    # used for session encryption among other things.  Do not change it unless you 
    # need to share session information among multiple Django sites.  Make sure 
    # to protect it from being read by outsiders, or your site security may be
    # compromised.
"	Cleanup/optimization	closed	Core (Management commands)	1.4	Normal	fixed	settings secret key		Accepted	1	0	0	0	1	0