Security is a growing concern these days, just wondering how best to store 'secret keys' ?

Using MS Graph API as an example - you would need to register your application which returns a 'Client ID', then you generate a 'Client Secret' - you would then need to request for a token using these values.

Normally, these values would be stored/defined as per within the source.

Define C_$CLIENT_ID      for "6731de76-14a6-49ae-97bc-6eba6914391e"
Define C_$CLIENT_SECRET  for "JqQX2PNo9bpM0uEihUPzyrh"
The problem is these values are present as strings within the compiled EXE - so anyone using notepad or strings or even findstr could determine your application's client-id or worst its client-secret.

If you do a search for 'CLIENT_SECRET' within the compile EXE, the value is shown as per:
I guess the only way around this is to pre-encrypt the client secret and define C_$CLIENT_SECRET using the encrypted string, but then you have to protect the decryption key which could also be a string.

It almost feels like that DAW should have a method to encrypt strings in compiled programs.

Just wondering if there are any other techniques being used ?