Creating Secret Keys in Python for use with the Flask Web Framework

This blog post is brought to you by the developer of BitBudget. BitBudget is an automated budgeting app for Android and iOS which syncs with your bank account and helps you avoid overspending. If you’d like to quit living paycheck-to-paycheck and get a better handle on your finances, download it today!

Working on a little web-dev project this afternoon and am diving into sessions for the first time with Python and Flask. Apparently when working with sessions in Flask you need to create a secret_key comprised of random bytes represented in hexadecimal. I’m sort of a high-level guy myself and am not used to working with bits, bytes, hexadecimal and whatnot, so I had to do a little googling to get up to speed and wanted to share what I learned here on the blog.

According to the official Flask documentation, you create your secret_key by assigning it a string value with this funky letter ‘b’ prefixed in front of your string literal:

# Set the secret key to some random bytes. 
# Keep this really secret!
app.secret_key = b'_5#y2L"F4Q8z\n\xec]/'

Okay, so how do you go about creating this hexadecimal code? I suggest heading over to and simply entering the following Python 3 code from my github gists to generate your hexadecimal:

topherPedersen’s Hexadecimal Conversion Tool

Generating Random Bytes in Hexadecimal