WordPress secret keys and salts

To increase the security of a WordPress site you should add 8 different secret keys to the wp-config.php file.
WordPress has a convenient random secret keys generator wich allows you to copy/paste the keys at
api.wordpress.org/secret-key/1.1/salt/.

/**#@+
 * Authentication Unique Keys and Salts.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY', 'your unique phrase here');
define('SECURE_AUTH_KEY', 'your unique phrase here');
define('LOGGED_IN_KEY', 'your unique phrase here');
define('NONCE_KEY', 'your unique phrase here');
define('AUTH_SALT', 'your unique phrase here');
define('SECURE_AUTH_SALT', 'your unique phrase here');
define('LOGGED_IN_SALT', 'your unique phrase here');
define('NONCE_SALT', 'your unique phrase here');

/**#@-*/

Example random keys from WordPress.org. These might be cached if you’re not logged in and therefore unsafe, better get your own at api.wordpress.org/secret-key/1.1/salt/

define('AUTH_KEY',         '+{&Lrxs7 mvVn;CgB&1Jg%s/tJyg~Er^c&jg5-D.oOe..WPqtJgCdZ2FJbY=Ed}L');
define('SECURE_AUTH_KEY',  '_&V1,7(m.s)2RRcW, |B{F)usf:s%{4qFz}g}5_z:ZKT;2Te-&grQ-emWeJ9]ffg');
define('LOGGED_IN_KEY',    'xUjPb2 q&v9;T8*;gD3r8;-%!7;!50_NuBOg=[@_)8drx+0hEWY-9=K}I:5|P47^');
define('NONCE_KEY',        '-Lcf{MR{&ou:Dj2z)4@F|9Y3OM{:SI)l~!cm{NL;b?nb*VvrC9-WF3X8{UiFnHk]');
define('AUTH_SALT',        'G:_!3C(;}~R?kM?.fbshR,3|;gNV-&jDlk.N)}6w,R?JqDes,4QF4)t,U:};PxFz');
define('SECURE_AUTH_SALT', 'ky}}?{|O5.M!]LSSG`.)2g|~MD?oPGf`R-p%gkYi)(=]+,2U7E2K{Cf{3vODAHS|');
define('LOGGED_IN_SALT',   '/Jruu-]J%h0F5b;/WT-Y(gQce3&BQz/G~{zIu+QzEk+rhi=;17!%:j1g#}ME*H;H');
define('NONCE_SALT',       'M[.*By&[)J1{]v4lCA4:a!]NA|u?zH%)xL`CD%L0i_ft:)h$T~wfNDnaZ_6UeG|@');

Leave a Reply