id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
31757	Adjust default SECRET_KEY to use `dj::insecure` prefix and add matching deployment system check.	Carlton Gibson	kosc	"[https://groups.google.com/d/topic/django-developers/CIPgeTetYpk/discussion Recent thread on the mailing list about making the default settings more 12 factor friendly]. (Related to similar discussions in say #20081.) 

Conclusion there was that environment variables are only one way to go. (...)

In the discussion it came up that we could prefix the generated SECRET_KEY with say, `dj::insecure` and then add a deployment system check to ensure that wasn't used in production. (Paraphrasing various points: might not be 100% robust but would capture most cases.) 

So: 

* Prefix secret key in project template. 
* Add system check to ensure secret key does not have prefix. "	New feature	closed	Core (System checks)	dev	Normal	fixed		René Fleschenberg Shai Berger	Ready for checkin	1	0	0	0	0	0