Beginner's Guide for WordPress / Start your WordPress Blog in minutes

How to Automatically Change WordPress SALT Keys

Recently one of our readers asked if it was possible to automatically change WordPress SALT keys? WordPress security authentication or SALT keys are the encrypted code that secure your login information. One way to enhance your WordPress security is by automatically changing your SALT keys. In this article, we will show you how to automatically change WordPress SALT keys without any code.

Change WordPress Salt Keys

What are SALT Security Keys?

Salt Keys aka security keys in WordPress are the variables that store your login credentials in an encrypted form. By default, WordPress saves your login information in cookies which given the right conditions can be compromised specially when using public computers.

One way to stay ahead of this risk is to change your security keys manually from your wp-config.php file that is available in the root folder of your WordPress site. The security and SALT keys will look like this:

Security Config Keys

We recommend changing these codes on a regular basis to improve your website security (every 3 – 6 months). You can manually generate the Salt keys from WordPress.org secret-key service.

While changing the keys manually isn’t hard, it’s still time consuming to manually edit a core file and upload via FTP. In case, you don’t have coding knowledge, or don’t have the time, then this solution is for you.

Let’s take a look at how easily you can set an automated process to change security and SALT keys in WordPress:

How to Change WordPress SALT Keys?

The first thing you need to do is install and activate Salt Shaker plugin. For more details, see our guide on how to install a WordPress plugin.

Once the plugin is activated, you need to go to Tools » Salt Shaker page in your WordPress admin to set a schedule for changing the SALT keys.

Automated Settings for Salt Keys

You need to check the option for automatically changing the Salt keys and then select your schedule from the dropdown. You can automatically change the authentication keys daily, weekly, and monthly.

In case you want to change the security and Salt keys manually, then you can do so by clicking on the Change Now button.

Note: Every time your WordPress SALT keys are changed, you and other users will be automatically logged out from your WordPress site on all devices. You can easily re-login to your WordPress dashboard by going to the WordPress login page.

We hope this article helped you automatically change the WordPress SALT keys. You may also want to see our ultimate WordPress security guide to improve your website security.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

Disclosure: Our content is reader-supported. This means if you click on some of our links, then we may earn a commission. See how WPBeginner is funded, why it matters, and how you can support us.

The Ultimate WordPress Toolkit

Get FREE access to our toolkit – a collection of WordPress related products and resources that every professional should have!

Reader Interactions

4 CommentsLeave a Reply

  1. Hi, I’m new with everything WP.
    I don’t have any customers/ visitors who will need to log in and use a password at this stage in my Website development. Will the Salt plug in affect just me, as the administrator logging in , or will it affect general visitors coming to my website? I mean will basic visitors need to ow have a log in? : ) . Thank you for the information on Salt.

    • Only you would be affected and your users would not need a login for your site.

      Admin

  2. Are the SALTS also related to the stored user passwords in the database? Will changing SALTS cause all the user passwords to become corrupted?

Leave A Reply

Thanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.