diff --git a/secrets.conf b/secrets.conf
deleted file mode 100644
index 867bbf5..0000000
--- a/secrets.conf
+++ /dev/null
@@ -1,4 +0,0 @@
-[Credentials]
-api_key: xxx
-api_secret: yyy
-bearer_token: zzz
diff --git a/secrets.ini b/secrets.ini
new file mode 100644
index 0000000..c9d8e1c
--- /dev/null
+++ b/secrets.ini
@@ -0,0 +1,9 @@
+# Twitter developer credentials.
+# MAKE SURE USED VALUES AREN'T UPLOADED TO THE REPO!
+#
+# This file should be added to .gitignore as a safeguard.
+
+[Credentials]
+api_key='xxx'
+api_secret='yyy'
+bearer_token='zzz'
\ No newline at end of file
diff --git a/src/secrets.py b/src/secrets.py
new file mode 100644
index 0000000..710e704
--- /dev/null
+++ b/src/secrets.py
@@ -0,0 +1,29 @@
+import os
+import configparser
+
+# returns dictionary of the Credentials section.
+# NOT TO BE USED OUTSIDE OF THIS FILE.
+def get_ini_credentials():
+    c = configparser.ConfigParser()
+    if len(c.read(os.path.join(os.path.dirname(__file__), os.pardir, 'secrets.ini'))) > 0 and c.has_section('Credentials'):
+        return c['Credentials']
+    return None
+
+# returns the api_key stored in secrets.ini
+def api_key():
+    c = get_ini_credentials()
+    return c.get(option='api_key', fallback='xxx') if c is not None else 'xxx'
+
+# returns the api_secret stored in secrets.ini
+def api_secret():
+    c = get_ini_credentials()
+    return c.get(option='api_secret', fallback='yyy') if c is not None else 'yyy'
+
+# returns the bearer_token stored in secrets.ini
+def bearer_token():
+    c = get_ini_credentials()
+    return c.get(option='bearer_token', fallback='xxx') if c is not None else 'zzz'
+
+# print(api_key())
+# print(api_secret())
+# print(bearer_token())
\ No newline at end of file