WordPress is a free open source blog publishing platform which can also be used for content management. The biggest problem with open source applications is that they are vulnerable to security threats since they are freely available to desirable as well as undesirable users of the internet, so one should be cautious and ensure proper security of his WordPress powered blog or website.

In this article I will show you how you can use WordPress Security Keys to make your WordPress site more secure.

WordPress Security Keys is a set of random variables that encrypts information which is stored in the user’s cookies making it more harder to crack user login information. There are total of four security keys: AUTH_KEY, SECURE_AUTH_KEY, LOGGED_IN_KEY, and NONCE_KEY.

How to use Security Keys on your WordPress site?

First of all get your own unique security keys. WordPress has a random key generator that can give you the keys.

Then you have to edit wp-config.php file in WordPress root directory ( same directory where wp-content, wp-admin and other files are stored).

Open wp-config.php and look for the code below:


Replace the above code with the security keys we generated in step 1. Save your wp-config.php file and you are done.

You do not have to remember these security keys. You saved it in wp-config.php once and that’s it. Now log-in and out in your WordPress dashboard normally as you do.

I will be writing more tips and tricks on WordPress Security. To keep yourself updated subscribe to our feed via rss or follow me on twitter.