WordPress secret keys and salts

To increase the security of a WordPress site you should add 8 different secret keys to the wp-config.php file.
WordPress has a convenient random secret keys generator wich allows you to copy/paste the keys at
api.wordpress.org/secret-key/1.1/salt/.

/**#@+
 * Authentication Unique Keys and Salts.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY', 'your unique phrase here');
define('SECURE_AUTH_KEY', 'your unique phrase here');
define('LOGGED_IN_KEY', 'your unique phrase here');
define('NONCE_KEY', 'your unique phrase here');
define('AUTH_SALT', 'your unique phrase here');
define('SECURE_AUTH_SALT', 'your unique phrase here');
define('LOGGED_IN_SALT', 'your unique phrase here');
define('NONCE_SALT', 'your unique phrase here');

/**#@-*/

Example random keys from WordPress.org. These might be cached if you’re not logged in and therefore unsafe, better get your own at api.wordpress.org/secret-key/1.1/salt/

define('AUTH_KEY',         '-+}&A3t#m/0Ci_6i#J-gJm}8%4z[-C?a%)Xii`|wG-s%A@__kV@FCJ:um3(*n%]t');
define('SECURE_AUTH_KEY',  '+Jp2qXj$.DbLGPCPY6-}sx=-Tb-i|ehD+tcPmZY[-#|xJF4$nE,=@a7*ROLAs+PE');
define('LOGGED_IN_KEY',    'q9mXg]UbnAs0U6}LXM#+5-[By%,o?BVJ(4WL+&pw2}Ju$Qknpytq1V)53x;v%&3/');
define('NONCE_KEY',        'q?F@[{jLjK!+7qiwC(U+o(D!t{(1v6-kn$:M*EpJjV:D*]Vn]~]3{{;@^g{+|P% ');
define('AUTH_SALT',        'WpT7MXUUdS4tzQ7-@_%Zvg*}=0_P``}IvnVk&{+gik[Hh;L.pg 0^t_!MK|?#3|j');
define('SECURE_AUTH_SALT', '_wr}qbx;{ajUvj{1 qb/1O=gW3chz{JoqjHYk-iDX.3 ~TOp.1fccx6~G-l1V:4h');
define('LOGGED_IN_SALT',   'Sd|fU=&!{Eb|%iam{#)!Q9U[ xp^]Zx|5Fv8/k5W_+m4Z-C9vq+h+.J6(]ldrPsS');
define('NONCE_SALT',       'Eep^x-!JIkuK/x[68enan5u{d, (x)n#Un4Gk{aB1R,)kAqs|,_X(G]Y+,&)8D~z');

Leave a Reply