As per OWASP Secure Coding Practices (Developer Guide - Memory Management):
“Overwrite any sensitive information stored in allocated memory at all exit points from the function.”
https://devguide.owasp.org/en/04-design/02-web-app-checklist/08-protect-data/
(OWASP Developer Guide — part of owasp.org)
Best practice to do this is to overwrite all used keys with zeros.
As per OWASP Secure Coding Practices (Developer Guide - Memory Management):
Best practice to do this is to overwrite all used keys with zeros.