Beginner's Guide for WordPress / Start your WordPress Blog in minutes

How to Automatically Change WordPress SALT Keys

Are you looking for ways to protect your website from hackers?

WordPress security keys or SALT keys securely encrypt your login information. You can improve your website security by automatically changing your SALT keys.

In this article, we will show you how to automatically change WordPress SALT keys without any code.

Change WordPress Salt Keys

What Are SALT Security Keys?

When you log in to your WordPress website, there is an option for WordPress to remember your login credentials. This is achieved by storing the users’ authentication details in cookies. These expire after 15 days, when the user will have to log in again.

The danger is that this information could be compromised and place your website at risk, especially when using public computers.

That’s why WordPress uses security keys, or SALT keys, to protect users’ login credentials. SALTs are cryptographic tools that add extra information to your info, which provides another layer of security to your encrypted data.

The security and SALT keys are stored in the wp-config.php file, which is found in the root folder of your WordPress site. They look like this:

Security Config Keys

You can improve your WordPress security further by automatically changing your WordPress secret keys on a regular basis, such as weekly or monthly.

You could generate new SALT keys using the WordPress.org secret-key service and then change them manually using FTP. But, this process can be time-consuming and isn’t recommended if you don’t have coding experience.

With that being said, let’s take a look at how to set up an automated process to easily change security and SALT keys in WordPress.

How to Change WordPress SALT Keys

The first thing you need to do is install and activate the Salt Shaker plugin. For more details, see our guide on how to install a WordPress plugin.

Once the plugin is activated, you need to go to the Tools » Salt Shaker page in your WordPress admin to set a schedule for changing the SALT keys.

Automated Settings for Salt Keys

You must check the option to automatically ‘Change WP Keys and Salts’ and then select your schedule from the dropdown. You can automatically change the authentication keys daily, weekly, and monthly.

In case you want to change the security and SALT keys manually, then you can do so by clicking on the ‘Change Now’ button.

Note: Every time your WordPress SALT keys are changed, you and other users will be automatically logged out from your WordPress site on all devices. You can easily log back into your WordPress dashboard by going to the WordPress login page.

We hope this article helped you automatically change the WordPress SALT keys. You may also want to see our guide on how to install WordPress the right way or our expert picks for the best email marketing services for small businesses.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

Disclosure: Our content is reader-supported. This means if you click on some of our links, then we may earn a commission. See how WPBeginner is funded, why it matters, and how you can support us. Here's our editorial process.

The Ultimate WordPress Toolkit

Get FREE access to our toolkit - a collection of WordPress related products and resources that every professional should have!

Reader Interactions

5 CommentsLeave a Reply

  1. Hey WPBeginner readers,
    Did you know you can win exciting prizes by commenting on WPBeginner?
    Every month, our top blog commenters will win HUGE rewards, including premium WordPress plugin licenses and cash prizes.
    You can get more details about the contest from here.
    Start sharing your thoughts below to stand a chance to win!

  2. Hi, I’m new with everything WP.
    I don’t have any customers/ visitors who will need to log in and use a password at this stage in my Website development. Will the Salt plug in affect just me, as the administrator logging in , or will it affect general visitors coming to my website? I mean will basic visitors need to ow have a log in? : ) . Thank you for the information on Salt.

    • Only you would be affected and your users would not need a login for your site.

      Admin

  3. Are the SALTS also related to the stored user passwords in the database? Will changing SALTS cause all the user passwords to become corrupted?

Leave A Reply

Thanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.