Recall & Review
beginner
What is the purpose of the
SECRET_KEY in a Flask application?The
SECRET_KEY is used to secure sessions and protect against attacks like cookie tampering by signing cookies and other data.Click to reveal answer
beginner
How do you set the
SECRET_KEY in a Flask app?You set it by assigning a value to
app.config['SECRET_KEY'], usually a long random string, before running the app.Click to reveal answer
intermediate
Why should the
SECRET_KEY be kept secret and not hard-coded in public code?If exposed, attackers can forge session cookies or other signed data, compromising app security. Keep it private and use environment variables or config files.
Click to reveal answer
intermediate
What is a good way to generate a secure
SECRET_KEY?Use Python's
secrets.token_hex(16) or similar to create a random 32-character hex string for strong security.Click to reveal answer
beginner
What happens if you don’t set a
SECRET_KEY in Flask?Flask will warn you, and session data won’t be securely signed, risking tampering and security issues.
Click to reveal answer
What is the main use of
SECRET_KEY in Flask?✗ Incorrect
The
SECRET_KEY signs session cookies to prevent tampering.Which of these is a secure way to generate a
SECRET_KEY?✗ Incorrect
The
secrets module generates cryptographically strong random strings.Where should you store your Flask
SECRET_KEY for best security?✗ Incorrect
Keeping the key outside public code prevents accidental exposure.
What might happen if the
SECRET_KEY is leaked?✗ Incorrect
Leaked keys allow attackers to create fake signed data.
How do you assign a secret key in Flask code?
✗ Incorrect
The correct way is to set
app.config['SECRET_KEY'].Explain why the
SECRET_KEY is important in Flask and how you should manage it securely.Think about protecting user sessions and keeping secrets out of public code.
You got /3 concepts.
Describe how to generate and set a strong
SECRET_KEY in a Flask app.Focus on secure random generation and configuration.
You got /3 concepts.