WordPress secret keys and salts

To increase the security of a WordPress site you should add 8 different secret keys to the wp-config.php file.
WordPress has a convenient random secret keys generator wich allows you to copy/paste the keys at

 * Authentication Unique Keys and Salts.
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 * @since 2.6.0
define('AUTH_KEY', 'your unique phrase here');
define('SECURE_AUTH_KEY', 'your unique phrase here');
define('LOGGED_IN_KEY', 'your unique phrase here');
define('NONCE_KEY', 'your unique phrase here');
define('AUTH_SALT', 'your unique phrase here');
define('SECURE_AUTH_SALT', 'your unique phrase here');
define('LOGGED_IN_SALT', 'your unique phrase here');
define('NONCE_SALT', 'your unique phrase here');


Example random keys from WordPress.org. These might be cached if you’re not logged in and therefore unsafe, better get your own at api.wordpress.org/secret-key/1.1/salt/

define('AUTH_KEY',         'J0MsDy5%$Gx|g Yi31-XR^=|C;enb#TnE`GPZHnO:zeE1}J7G{Vku&2wvO0,}|$z');
define('SECURE_AUTH_KEY',  'YwoX$yp7vsXh1R#j6Pm+is7YY_-FcA}asL!A4UgwVB,S?arq.(i[&9!yYPGuKa-j');
define('LOGGED_IN_KEY',    'Mp1w,.F)KfOmq(e8qJy{po)-jQLZJS@cfU0Ze{TJ Yrs9Q,=L7``jO-h^}K,b8&,');
define('NONCE_KEY',        'E6=zoYE~4-@$ZfH,re+|6R^L)|LIv,`]O?HjQy|_Po+!{/yM?oM,q}%|nToyX0m8');
define('AUTH_SALT',        ':tHI=ei=N?F@LjRP1J(o;l-vV2|}}S%R-khDFY6#z_yJjd+-!URJw1Jv-},%$jWr');
define('SECURE_AUTH_SALT', 'Fh(_u6NTU=/`73dt!5|{POtM-G{Yl+^[1 +m4-Ip=@k1Mw/jG[GB|5vC76?9,dj]');
define('LOGGED_IN_SALT',   'wxifbF.+PSn(FQN`_trHzN:KGmk}jM/|[cJ9!tn@pb4/L-JV1~@9R7#s/D{$yG+v');
define('NONCE_SALT',       ';ELK]bs{vQnP;m~2TO*Q+5CrZ[WlXKZiH]nKOfU%B+C/U8z_-#5~}UB0f{BXQ7mH');

Leave a Reply