Title: API Key Security
Last modified: April 18, 2023

---

# API Key Security

 *  Resolved [dtolken](https://wordpress.org/support/users/dtolken/)
 * (@dtolken)
 * [3 years, 1 month ago](https://wordpress.org/support/topic/api-key-security/)
 * Hi Jordy
 * I think you should obfuscate / star out the api keys once they are added to the
   settings screen. I’m seeing usage that’s not mine and worried a colleague or 
   rogue previous developer stole one of my keys.
 * I have suggested to OpenAI that they add security so that keys can be tied to
   specific IPs or domains which would also help, but still trying to find the source
   of the ‘leak’ and this is all I can think of currently.

Viewing 2 replies - 1 through 2 (of 2 total)

 *  Plugin Author [Jordy Meow](https://wordpress.org/support/users/tigroumeow/)
 * (@tigroumeow)
 * [3 years, 1 month ago](https://wordpress.org/support/topic/api-key-security/#post-16663841)
 * Hi [@dtolken](https://wordpress.org/support/users/dtolken/),
 * I could make it so that the input text is of the password type, and we will not
   see the API KEY visually. However, there will be always a way to see it; it’s
   in the options, in the database. So if you have a developer working for you, 
   or an admin, they can definitely get access to it.
 * Another way would be to use my filters to add it dynamically through your code,
   and you could read the key from a file… but even that, a developer could get 
   access to it.
 *  Thread Starter [dtolken](https://wordpress.org/support/users/dtolken/)
 * (@dtolken)
 * [3 years, 1 month ago](https://wordpress.org/support/topic/api-key-security/#post-16678771)
 * Thanks, I think just making it like a password field would be a good first step,
   but get your point.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘API Key Security’ is closed to new replies.

 * ![](https://ps.w.org/ai-engine/assets/icon-256x256.png?rev=3431928)
 * [AI Engine - The Chatbot, AI Framework & MCP for WordPress](https://wordpress.org/plugins/ai-engine/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/ai-engine/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/ai-engine/)
 * [Active Topics](https://wordpress.org/support/plugin/ai-engine/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/ai-engine/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/ai-engine/reviews/)

## Tags

 * [usage](https://wordpress.org/support/topic-tag/usage/)

 * 2 replies
 * 2 participants
 * Last reply from: [dtolken](https://wordpress.org/support/users/dtolken/)
 * Last activity: [3 years, 1 month ago](https://wordpress.org/support/topic/api-key-security/#post-16678771)
 * Status: resolved