diff --git a/ara/server/settings.py b/ara/server/settings.py
index a766ab5..f8c767b 100644
--- a/ara/server/settings.py
+++ b/ara/server/settings.py
@@ -2,6 +2,7 @@ import os
 import textwrap
 
 import yaml
+from django.utils.crypto import get_random_string
 from dynaconf import LazySettings
 
 settings = LazySettings(GLOBAL_ENV_FOR_DYNACONF="ARA", ENVVAR_FOR_DYNACONF="ARA_SETTINGS")
@@ -19,7 +20,14 @@ CORS_ORIGIN_ALLOW_ALL = settings.get("CORS_ORIGIN_ALLOW_ALL", False)
 
 ADMINS = settings.get("ADMINS", ())
 
-SECRET_KEY = settings.get("SECRET_KEY")
+
+def get_secret_key():
+    if not settings.get("SECRET_KEY"):
+        return get_random_string(length=25)
+    return settings.get("SECRET_KEY")
+
+
+SECRET_KEY = get_secret_key()
 
 # We're not expecting ARA to use multiple concurrent databases.
 # Make it easier for users to specify the configuration for a single database.
@@ -157,7 +165,7 @@ if not os.path.exists(DEFAULT_CONFIG):
         ALLOWED_HOSTS=ALLOWED_HOSTS,
         CORS_ORIGIN_WHITELIST=CORS_ORIGIN_WHITELIST,
         CORS_ORIGIN_ALLOW_ALL=CORS_ORIGIN_ALLOW_ALL,
-        SECRET_KEY="please-change-this",
+        SECRET_KEY=SECRET_KEY,
         DATABASES=DATABASES,
         STATIC_URL=STATIC_URL,
         STATIC_ROOT=STATIC_ROOT,
@@ -178,3 +186,5 @@ if not os.path.exists(DEFAULT_CONFIG):
         """
         config_file.write(textwrap.dedent(comment))
         yaml.dump({"default": CONFIG}, config_file, default_flow_style=False)
+
+ARA_SETTINGS = os.getenv("ARA_SETTINGS", DEFAULT_CONFIG)
diff --git a/tox.ini b/tox.ini
index ae5444a..edaa54c 100644
--- a/tox.ini
+++ b/tox.ini
@@ -26,7 +26,6 @@ setenv =
   ARA_DEBUG=true
   ARA_LOG_LEVEL=DEBUG
   ARA_BASE_DIR={toxinidir}/.tox/ansible-integration/tmp/ara
-  ARA_SECRET_KEY=testing
 
 [testenv:runserver]
 commands =
@@ -37,7 +36,6 @@ setenv =
   ARA_DEBUG=true
   ARA_LOG_LEVEL=DEBUG
   ARA_BASE_DIR={toxinidir}/.tox/ansible-integration/tmp/ara
-  ARA_SECRET_KEY=testing
 
 # Temporary venv to help bootstrap integration
 [testenv:ansible-integration]
@@ -52,7 +50,6 @@ setenv =
   ARA_DEBUG=true
   ARA_LOG_LEVEL=DEBUG
   ARA_BASE_DIR={toxinidir}/.tox/ansible-integration/tmp/ara
-  ARA_SECRET_KEY=testing
 whitelist_externals =
   rm
   bash