Storing secrets in Emacs

Best approach seems to be via ~/authinfo.gpg.

Step 1 is using authinfo. It's a separate file for storing credentials that is only on your machine, so any config files you migh check in somewhere don't include them. It's a netrc file.

Step 2 is giving it a gpg extension. Then emacs will automatically encrypt and decrypt it.

• Keeping Secrets in Emacs with GnuPG and Auth Sources - Mastering Emacs
• emacs-fu: keeping your secrets secret