WordPress secret keys and salts

To increase the security of a WordPress site you should add 8 different secret keys to the wp-config.php file.
WordPress has a convenient random secret keys generator wich allows you to copy/paste the keys at

 * Authentication Unique Keys and Salts.
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 * @since 2.6.0
define('AUTH_KEY', 'your unique phrase here');
define('SECURE_AUTH_KEY', 'your unique phrase here');
define('LOGGED_IN_KEY', 'your unique phrase here');
define('NONCE_KEY', 'your unique phrase here');
define('AUTH_SALT', 'your unique phrase here');
define('SECURE_AUTH_SALT', 'your unique phrase here');
define('LOGGED_IN_SALT', 'your unique phrase here');
define('NONCE_SALT', 'your unique phrase here');


Example random keys from WordPress.org. These might be cached if you’re not logged in and therefore unsafe, better get your own at api.wordpress.org/secret-key/1.1/salt/

define('AUTH_KEY',         ':~#rm=_T!~F 3HpeJ15uITC]d9d|&Vlt-ic9v}xR:SfV }{sK(Vm{a!rdI#/`$n@');
define('SECURE_AUTH_KEY',  'GLA}~k+W^Xlb+!,CnUL=+IU+ljYMEj1Pl:Z^)f*M6{)R]gw+#m@!?c389Rz({a}o');
define('LOGGED_IN_KEY',    '(tTuZ0-e}[V?![BMY} #g~~SiP)aQhp*vA]bIk8j-!|ExkA.=J~ov|tf}#UHvvI4');
define('NONCE_KEY',        'M&xOwsx$E#S,IbSwk+sN2UJ hV +E~w=%P~h&TOZ`XE7/U7L18+-=.Y{tl~pcz!l');
define('AUTH_SALT',        's^a!/E9{I{m|6jk*Cs3M+Nv@bf/%v||Z3[},jgYFer90i%;{-0MWKH4gaGKAB#Jc');
define('SECURE_AUTH_SALT', 'Nq*V~JvnXJ#m9OLcAJ1L`JUqixL-o.|g:ePB_Bo5|e6?R^0q)^Fj }H4vaa{lB}y');
define('LOGGED_IN_SALT',   'kQ;_)N uA[k2^tK4Dh%h.W};_|l|s}0]yO^M-9@R(*rq{b:OD~h=d}B_wgE HfTG');
define('NONCE_SALT',       ':D~},ZG^7dOO!]qz}R/bPnPI_ (7Ce:}W7fpz+N. cn*jWxP_pCrF@XW@x45?)Qy');

Leave a Reply