WordPress secret keys and salts

To increase the security of a WordPress site you should add 8 different secret keys to the wp-config.php file.
WordPress has a convenient random secret keys generator wich allows you to copy/paste the keys at
api.wordpress.org/secret-key/1.1/salt/.

/**#@+
 * Authentication Unique Keys and Salts.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY', 'your unique phrase here');
define('SECURE_AUTH_KEY', 'your unique phrase here');
define('LOGGED_IN_KEY', 'your unique phrase here');
define('NONCE_KEY', 'your unique phrase here');
define('AUTH_SALT', 'your unique phrase here');
define('SECURE_AUTH_SALT', 'your unique phrase here');
define('LOGGED_IN_SALT', 'your unique phrase here');
define('NONCE_SALT', 'your unique phrase here');

/**#@-*/

Example random keys from WordPress.org. These might be cached if you’re not logged in and therefore unsafe, better get your own at api.wordpress.org/secret-key/1.1/salt/

define('AUTH_KEY',         'K!?!O|nF!re#q]&;eKVXl_}^n:|D*j-+e@[F&N~u#Dk,Jr?BQt;Ua@44|(RV_dd{');
define('SECURE_AUTH_KEY',  '42NLTm Oa!=l!yOac{AS?[Z( *u8R%/-%{gdPow$C+}/Dg/+^0(qulV%+T/}U2M;');
define('LOGGED_IN_KEY',    '=DQ/B{`Cd@&s!Son48dBnzIf59N&=U@r^+m`)}On(sQ{TWcqN|UdlVYzc[}Bve|M');
define('NONCE_KEY',        'zG[_Tc;kTLnP+Z^3ZDU_+k)vw&-^6##B2E}9%=_&:xM4q0+}Sv0f66 60F5Cu$L3');
define('AUTH_SALT',        'FUA!A:zSx|*T~F%`hh1p(#U{$S0X;1;%Bxoaxq:l5_[nL!hum%XRuk[W;rtYZ%i)');
define('SECURE_AUTH_SALT', 'GaI$|*M*|90ue,)- 3W3|~}K@A+pPh{Mmip%~|}dtF{?$!82:2F.{nYQS[|LjQ{@');
define('LOGGED_IN_SALT',   '%CCLo~nL=&,Ml=ZPPM}wub:RJ~AO@[ttx+4/|4 (C_uHp(}+F#uIDoe}#,`r-bZ^');
define('NONCE_SALT',       'W}]ueQ{HG.!rj`#+FP|h(P}.lF/aS}?433iMUGg2}Eb/`BmW/+I?}`XF1Df)#%2j');

Leave a Reply