diff --git a/.gitignore b/.gitignore
index 9eba662cd6b951fc8dcec32caa0c0b29f9bca3e0..03e37b83fde0b26f12187421f286c1d9cb8740ba 100644
--- a/.gitignore
+++ b/.gitignore
@@ -37,3 +37,4 @@ anon-export/
 
 # node
 node_modules
+secret
diff --git a/grady/settings/default.py b/grady/settings/default.py
index 47b0df73549d71f62dd11179b167962d25f308d2..0f18f2e73e5d89d9cbf4328400ad36923811cc2f 100644
--- a/grady/settings/default.py
+++ b/grady/settings/default.py
@@ -12,6 +12,8 @@ https://docs.djangoproject.com/en/1.10/ref/settings/
 
 import datetime
 import os
+import secrets
+import string
 
 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 BASE_DIR = os.path.dirname(os.path.dirname(
@@ -21,7 +23,21 @@ BASE_DIR = os.path.dirname(os.path.dirname(
 # See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/
 
 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = '#1s$0+&d3c2&)t_1!4%uopgl)ewvs&wo+j+_22#f5&)8daglp)'
+try:
+    SECRET_KEY
+except NameError:
+    SECRET_FILE = 'secret'
+    try:
+        SECRET_KEY = open(SECRET_FILE).read().strip()
+    except IOError:
+        try:
+            SECRET_KEY = ''.join(secrets.choice(string.printable)
+                                 for i in range(50))
+            with open(SECRET_FILE, 'w') as secret:
+                secret.write(SECRET_KEY)
+        except IOError:
+            Exception('Please create a %s file with random characters \
+            to generate your secret key!' % SECRET_FILE)
 
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True