22. Secure Logging Practices

Logging should capture necessary information without leaking sensitive data.

Example

import logging

logging.basicConfig(filename="app.log", level=logging.INFO)

def process_user(username):
    logging.info("Processing user: %s", username.replace("@", "[at]"))

process_user("admin@example.com")

✅ Lesson: Sanitize logs and never include passwords or tokens.