WordPress secret keys and salts

To increase the security of a WordPress site you should add 8 different secret keys to the wp-config.php file.
WordPress has a convenient random secret keys generator wich allows you to copy/paste the keys at
api.wordpress.org/secret-key/1.1/salt/.

/**#@+
 * Authentication Unique Keys and Salts.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY', 'your unique phrase here');
define('SECURE_AUTH_KEY', 'your unique phrase here');
define('LOGGED_IN_KEY', 'your unique phrase here');
define('NONCE_KEY', 'your unique phrase here');
define('AUTH_SALT', 'your unique phrase here');
define('SECURE_AUTH_SALT', 'your unique phrase here');
define('LOGGED_IN_SALT', 'your unique phrase here');
define('NONCE_SALT', 'your unique phrase here');

/**#@-*/

Example random keys from WordPress.org. These might be cached if you’re not logged in and therefore unsafe, better get your own at api.wordpress.org/secret-key/1.1/salt/

define('AUTH_KEY',         '&IHHI}CzJ_WC3 |rPKC [,^-w)C{3)Q0EA3QX$QS&dM.lMLDlbH48C$ddS:GWh^L');
define('SECURE_AUTH_KEY',  'M|Ta89;y$]0lhyO)6u+^s8W-D$3].e)qUJ3/SJp8DkHl~({ICA;WAe-80l:Kd5qm');
define('LOGGED_IN_KEY',    '^BE]{~Bz;Obzx}t./^.;m)()sd.H*oG_y%x-9uTQC0ToKZ08)S[L*lXNfI1~t,Ye');
define('NONCE_KEY',        '&Nj6)z+-v{i=6T@YT(Il{0-Sdk|3E|J0}tZV5jC]&;aBk_*Y6%^+7;2]W87]n{*r');
define('AUTH_SALT',        '0gi9zJy[:T2+}*N}Z+t|Z,}|F`}%53.+9uy/5#Q]%Ub^5{moE{gK}Gg{+VU3;,|G');
define('SECURE_AUTH_SALT', 'QX-At1=qS,q18.}+:g0a%2aE||*7)P^-_/e:Ur$/Nj85^p_l(p:0!aLXhL%+;lk3');
define('LOGGED_IN_SALT',   '_K-ej|=7!U5cHYEv  `Z!EcOc$~.hT24Prs fUr7^NB}1Qb,QE}uk?*4ZV%|1,]t');
define('NONCE_SALT',       '-D{*Q*9{vi.6$:oP;_U%p(^vIee;?&Jr}T84+NtZV{PtsP{+}Mqo~VTUS`-;FF)A');

Leave a Reply