Suggest using os.environ['supersecretpassword'] instead of hard coded

[urmarc443]

I apologize for my ignorance, I've never contributed before but I wanted to bring this up as a potential improvement.

I think there is still an even better way to do this but I'm not familiar with best practice. However, I do think referencing the developers OS environment variable in settings.py is better than including the .gitignore[.env] hardcoded password.

I'm guessing the best way to set this would be through an install process but that could be for another improvement/iteration.

[morganog]

I think this is a really good idea, I gave it a label! Thanks for the input I will let people look at this and see if anyone has any other thoughts or wants to be assigned to it!

[urmarc443]

I submitted a PR with the suggested fix in settings.py. Do you mind assigning this to me? If that works I'd be grateful.

[morganog]

@urmarc443 I will assign this to you now! Sorry for the wait