“Beginning with Version 2.6, three (3) security keys, AUTH_KEY, SECURE_AUTH_KEY, and LOGGED_IN_KEY, were added to insure better encryption of information stored in the user’s cookies. Beginning with Version 2.7 a fourth key, NONCE_KEY, was added to this group.
You don’t have to remember the keys, just make them long and complicated or better yet, use the online generator. “
If you have been using WordPress for a while, you may not have these keys in place and this could cause security issues. It’s a simple fix though.
WordPress has a tool to randomly generate the four keys. You can get yours at:
Once you have them, open up your wp-config.php file and past them in. If you have one or two security keys already you can either replace them or just add in the new ones.
Save the file, re-upload it and you’re done.
You’ll probably have to re-login to your blog, but the security keys will now be in place and can help give you peace of mind.
Keep in mind however that these are only one part of having a secure blog. Other things to keep in mind are:
- Use strong password for your blog login.
- Use strong password for your hosting login.
- Use strong password for your database login.
- Only using plugins that you can trust.
- Research a plugin before installing it to see what other say.
- Never give out your passwords.
- Keep your blog software & plugins up-to-date.
If you want to test out your password, Microsoft has a nice password checker tool that is free to use.
What other suggestions do you have to help keep a blog secure?