Some people are upset that database.yml can expose passwords in plaintext. However, there is a pretty simple way to get encryption into database.yml. Because the database.yml file is actually run through an ERB interpreter by Rails, we can put code into our file:
# database.yml
production:
adapter: mysql
username: db_user
password: <%= custom_method_to_obtain_password %>
host: your_db_host