The secrete data of the WordPress site is stored in the
wp-config.php
in the WordPress root directory. The secret keys are one of the bits of information stored in that particular file. So, make sure you change the default secret keys. WordPress secret or security Keys is a set of random variables that improve encryption of data stored in the client's cookies.
Earlier in
WordPress 3.0, the user has to install these security keys in the
wp-config.php
file manually but now by using the install wizard it automatically adds the security keys in the
wp-config.php
. Earlier, there are only 4 security keys but with in 3.0 version 8 security keys are available.
The code below demonstrates the format of 8 security keys in
wp-config.php
file.
[c]
define(‘AUTH_KEY’, ‘ put the unique phrase here’);
define(‘SECURE_AUTH_KEY’, ‘ put the unique phrase here’);
define(‘LOGGED_IN_KEY’, ‘ put the unique phrase here’);
define(‘NONCE_KEY’, ‘ put the unique phrase here’);
define(‘AUTH_SALT’, ‘ put the unique phrase here’);
define(‘SECURE_AUTH_SALT’, ‘ put the unique phrase here’);
define(‘LOGGED_IN_SALT’, ‘ put the unique phrase here’);
define(‘NONCE_SALT’, ‘ put the unique phrase here’);
[/c]
If not sure about the unique phrases, click the following link to get some security keys automatically.
Security keys