WordPress secret keys and salts

To increase the security of a WordPress site you should add 8 different secret keys to the wp-config.php file.
WordPress has a convenient random secret keys generator wich allows you to copy/paste the keys at

 * Authentication Unique Keys and Salts.
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 * @since 2.6.0
define('AUTH_KEY', 'your unique phrase here');
define('SECURE_AUTH_KEY', 'your unique phrase here');
define('LOGGED_IN_KEY', 'your unique phrase here');
define('NONCE_KEY', 'your unique phrase here');
define('AUTH_SALT', 'your unique phrase here');
define('SECURE_AUTH_SALT', 'your unique phrase here');
define('LOGGED_IN_SALT', 'your unique phrase here');
define('NONCE_SALT', 'your unique phrase here');


Example random keys from WordPress.org. These might be cached if you’re not logged in and therefore unsafe, better get your own at api.wordpress.org/secret-key/1.1/salt/

define('AUTH_KEY',         '3j:mvk|)K+h5]]N{SB634*5nK7W.KSxT}3{.Tg#i0^99/+U{Qk.A$8qJ?&:MY8?I');
define('SECURE_AUTH_KEY',  '305+|e-=N#}zI)KA~5yj*=jwwtY)j@vhLR9ZP,,#a^dBTyv(|)7w{:ft`W|}alED');
define('LOGGED_IN_KEY',    'y[k.}uVE}}I+?vEnJ L/497L-rqbEb.@|!~,2}+]%e)A EY,$EcF{+/``)ZF,@c)');
define('NONCE_KEY',        '?_}%z8T?44=:?tS7pp!xj{OqjjM gBQTI~A|+CT*qf !;q~|v;.r?Yo`=auNIyX;');
define('AUTH_SALT',        '9K0L{jH0l*{|V; eygj5 !e|5^3Ar^18R_I;w,`_+Ll-)/9Tl1C|rO_=A#wRZd%m');
define('SECURE_AUTH_SALT', '%}10&yf2CNFr|[yEP%{.{Xkz4S?hU1-Mh A `gB)FH+H%_[_o4K%b{8^^}SfkF$*');
define('LOGGED_IN_SALT',   'kJ/&*{26ehAt08F/SWg}}$oH;3##/3S(V@++[]$9q$jJ9AWqB7O1+B~~((F^|QJ)');
define('NONCE_SALT',       'oFp,{(-92SfK2 &)3gSUk0#VHETYo_yMLoL1H7ohW-/=c+.`mvL;NdPcq|9zC@M#');

Leave a Reply