WordPress.org

Support

Support » How-To and Troubleshooting » [Resolved] New to this and trying to do a upgrade:Authentication Unique Keys and Salts

[Resolved] New to this and trying to do a upgrade:Authentication Unique Keys and Salts

  • I’m new at this and I’m trying to do an upgrade. I’m at the part where they are asking me to do the: Authentication Unique Keys and Salts.
    I know i sound clueless (and that’s how I feel), but what does this mean? What do I do at this point? And what is it for? Please please help.

    * Change these to different unique phrases!
    * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
    * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
    *
    * @since 2.6.0
    */
    define(‘AUTH_KEY’, ‘put your unique phrase here’);
    define(‘SECURE_AUTH_KEY’, ‘put your unique phrase here’);
    define(‘LOGGED_IN_KEY’, ‘put your unique phrase here’);
    define(‘NONCE_KEY’, ‘put your unique phrase here’);
    define(‘AUTH_SALT’, ‘put your unique phrase here’);
    define(‘SECURE_AUTH_SALT’, ‘put your unique phrase here’);
    define(‘LOGGED_IN_SALT’, ‘put your unique phrase here’);
    define(‘NONCE_SALT’, ‘put your unique phrase here’);

Viewing 7 replies - 1 through 7 (of 7 total)
  • you just replace the lines you posted with the ones generated by clicking the link you posted above in the wp-config.php file

    I don’t get it. These are the lines from the wp-config.php file. I’m I suppose to put some type of phrase in them or just leave them as they are?

    Moderator James Huff

    @macmanx

    Support Team Rep.

    Exactly as the file says:

    * Change these to different unique phrases!
    * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}

    replace these lines

    define('AUTH_KEY', 'put your unique phrase here');
    define('SECURE_AUTH_KEY', 'put your unique phrase here');
    define('LOGGED_IN_KEY', 'put your unique phrase here');
    define('NONCE_KEY', 'put your unique phrase here');
    define('AUTH_SALT', 'put your unique phrase here');
    define('SECURE_AUTH_SALT', 'put your unique phrase here');
    define('LOGGED_IN_SALT', 'put your unique phrase here');
    define('NONCE_SALT', 'put your unique phrase here');

    with the ones you get visiting https://api.wordpress.org/secret-key/1.1/salt/

    Thank you

    with the ones you get visiting https://api.wordpress.org/secret-key/1.1/salt/

    I got hung up on that, too. It appeared as though they wanted us to include /WordPress.org in the string!

    Thanks for clarifying, James & Rev Voodoo!

    Better information can be found here:

    These are encryption keys to keep the cookies set on a viewers computer to be secure.

    You don’t have to remember any of the keys, rather, the configuration file will use and remember them for you. Since it uses the same set of keys to encrypt and decrypt the cookies, this is the only place they need to be stored.

    Changing them requires the user to log in again, because the old cookie, with the old encryption key, can no longer be read.

    Any sequence of letters, numbers and symbols can be used… you could even simply put your name in each of them. Using the link, however, will result in random garbage, simply because this is far harder to crack.

    A further recommendation (per that same page): NOTE: Since Version 2.6, wp-config.php can be moved to the directory directly above the WordPress application directory.

    Doing this, and correctly setting permissions will help keep this file secure. Keep in mind that this file contains your database pathname, username, password, as well as your encryption keys. Keeping this file secure should be paramount.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘[Resolved] New to this and trying to do a upgrade:Authentication Unique Keys and Salts’ is closed to new replies.