What are the WordPress Authentication Keys and Salts?
WordPress Authentication Keys and Salts help protect your website from intrusion by encrypting the information that identifies you with the site.
This information stored in your cookies is encrypted using the WordPress Authentication Keys and Salts that are defined in your wp-config.php file.
It is recommended that you update these keys regularly and especially if you suspect that someone has gained unintentional access to the site.
Remember: When you update your keys and salts, all existing login sessions on the site will be terminated ‘ that is to say, everyone will need to login again.
How to update the WordPress Authentication Keys and Salts’
There are 3 steps to resetting the keys and salts’
- Backup your WordPress database and wp-config.php file You can do this manually or using one of our recommended backup plugins. (LINK)
- Get new authentication keys and salts by’clicking’this’link:https://api.wordpress.org/secret-key/1.1/salt‘and copying all the text in this page to a notepad
- Open wp-config.php in a text or code editor and locate the “Authentication keys” area (See the image below). There may already be keys there, it is ok to replace them if you’d like to.
- Replace all 6 lines in the file with all six lines copied from step 2.
- Save and replace your wp-config.php file with the new contents and you’re done.