== Ask Yourself Whether

* The password allows access to a sensitive component like a database, a file storage, an API, or a service.
* The password is used in production environments.
* Application re-distribution is required before updating the password.

There would be a risk if you answered yes to any of those questions.