diff --git a/{{cookiecutter.project_slug}}/.envrc b/{{cookiecutter.project_slug}}/.envrc
index ff34d3f9..b43b6730 100644
--- a/{{cookiecutter.project_slug}}/.envrc
+++ b/{{cookiecutter.project_slug}}/.envrc
@@ -1,6 +1,16 @@
-# read the secrets from 1Password and set to the env
-AWS_ACCESS_KEY_SES=$(op read "op://{{cookiecutter.project_name}}/AWS_ACCESS_KEY_SES/token")
-AWS_SECRET_KEY_SES=$(op read "op://{{cookiecutter.project_name}}/AWS_SECRET_KEY_SES/token")
-POSTGRES_PASSWORD=$(op read "op://{{cookiecutter.project_name}}/POSTGRES_PASSWORD/token")
-DATABASE_URL=$(op read "op://{{cookiecutter.project_name}}/DATABASE_URL/token")
-DJANGO_SECRET_KEY=$(op read "op://{{cookiecutter.project_name}}/DJANGO_SECRET_KEY/token")
+# read the secrets from 1Password 
+# strip whitespace from the value and base64 encode it
+AWS_ACCESS_KEY_SES_value=$(op read "op://{{cookiecutter.project_name}}/AWS_ACCESS_KEY_SES/token" | tr -d '[:space:]')
+export AWS_ACCESS_KEY_SES=$(echo "$AWS_ACCESS_KEY_SES_value" | base64 -w 0)
+
+AWS_SECRET_KEY_SES_value=$(op read "op://{{cookiecutter.project_name}}/AWS_SECRET_KEY_SES/token" | tr -d '[:space:]')
+export AWS_SECRET_KEY_SES=$(echo "$AWS_SECRET_KEY_SES_value" | base64 -w 0)
+
+POSTGRES_PASSWORD_value=$(op read "op://{{cookiecutter.project_name}}/POSTGRES_PASSWORD/token" | tr -d '[:space:]')
+export POSTGRES_PASSWORD=$(echo "$POSTGRES_PASSWORD_value" | base64 -w 0)
+
+DATABASE_URL_value=$(op read "op://{{cookiecutter.project_name}}/DATABASE_URL/token" | tr -d '[:space:]')
+export DATABASE_URL=$(echo "$DATABASE_URL_value" | base64 -w 0)
+
+DJANGO_SECRET_KEY_value=$(op read "op://{{cookiecutter.project_name}}/DJANGO_SECRET_KEY/token" | tr -d '[:space:]')
+export DJANGO_SECRET_KEY=$(echo "$DJANGO_SECRET_KEY_value" | base64 -w 0)