WordPress secret keys and salts

To increase the security of a WordPress site you should add 8 different secret keys to the wp-config.php file.
WordPress has a convenient random secret keys generator wich allows you to copy/paste the keys at

 * Authentication Unique Keys and Salts.
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 * @since 2.6.0
define('AUTH_KEY', 'your unique phrase here');
define('SECURE_AUTH_KEY', 'your unique phrase here');
define('LOGGED_IN_KEY', 'your unique phrase here');
define('NONCE_KEY', 'your unique phrase here');
define('AUTH_SALT', 'your unique phrase here');
define('SECURE_AUTH_SALT', 'your unique phrase here');
define('LOGGED_IN_SALT', 'your unique phrase here');
define('NONCE_SALT', 'your unique phrase here');


Example random keys from WordPress.org. These might be cached if you’re not logged in and therefore unsafe, better get your own at api.wordpress.org/secret-key/1.1/salt/

define('AUTH_KEY',         '}m_obL*TL=fR@rPCzN-|1DSoSG+M)}~NCp.e/v(.kjJJ{35h+bAtN, BtqMs?=68');
define('SECURE_AUTH_KEY',  'WnENI|}{]$Bg#u@+}/N[oiA%pg*]/C]]WzX:t-o^H@a(bqm(V2Elc@W?_3/(aq;o');
define('LOGGED_IN_KEY',    'Z_XN[#l-Z+tz9|cW2Em}*KGn{|2} p m]&;F}a6.B]c=Z;51/H6OI&ePM~V]2`|^');
define('NONCE_KEY',        '1T`%NC_dg&@IJl#m3Z8]n-O|`5pS{edgv(tk1+4T0Aj{9^OWq_2o|Q}3#nvFD(pY');
define('AUTH_SALT',        '+!{Iqb&r(glx+qN6* kQlg8o|xZlifNNzl+}r?hG;n$y_u:nF`;m?uC?@emMDWq1');
define('SECURE_AUTH_SALT', 'b!BrfLDP[}msb9SyLV+j/9%{ymw{EE5(l3T^D{@3~x@xt{bOzO,OdU9y1.-L*k]|');
define('LOGGED_IN_SALT',   'uxJ&|KQ?0 EbIm~Yf_[g/Gxt}p5sZPpX~NPX@}4Bi`}G{Z /*E3[u`.{vub?%tYm');
define('NONCE_SALT',       '={6vt)~|qXW5YE%q;klW1{:?sS/{o9Ed:m,N;-y/|%(e/$Z8`9NOl)q{{qDP}aj}');

Leave a Reply