PW101
Passwords, secrets and keys should not be hardcoded into Python files.
Python can easily be disassembled in memory and strings can be loaded.
Example
password = "SUPER_SECRET"
secret = "my super secret key"
Fix
Use a salted or one-way hash for storing passwords and compare against the hash.