{
    my $horderec = $DB->get('horde')
	|| $DB->new_record('horde', {type => 'service'});
    my $horde_secret = $horderec->prop('SecretKey');
    if (not $horde_secret or length($horde_secret) < 57)
    {
	use MIME::Base64 qw(encode_base64);

	$horde_secret = "not set due to error";
	if ( open( RANDOM, "/dev/urandom" ) )
	{
	    my $buf;
	    # 57 bytes is a full line of Base64 coding, and contains
	    # 456 bits of randomness - given a perfectly random /dev/random
	    if ( read( RANDOM, $buf, 57 ) != 57 )
	    {
		warn("Short read from /dev/random: $!");
	    }
	    else
	    {
		$horde_secret = encode_base64($buf);
		chomp $horde_secret;
	    }
	    close RANDOM;
	}
	else
	{
	    warn "Could not open /dev/urandom: $!";
	}
	$horderec->set_prop('SecretKey', $horde_secret);
    }
}