Greenguy's Board - View Single Post

Simon · 2008-04-29, 07:55 PM

Ronnie, that's correct, you'll never need to enter the SECRET_KEY anywhere else. WordPress uses what's entered in your wp-config.php file to help make more-secure cookies.

One very important note for anyone who installed a fresh copy of 2.5.x and just left the default value in the SECRET_KEY. If you leave it that way you're making it very easy for hackers since they can use that default value ("put your unique phrase here") to find their way into some places you'd rather they stay out of.

Generate a unique SECRET_KEY for each blog by using this link...
http://api.wordpress.org/secret-key/1.0/

.

2008-04-29, 07:55 PM	#8
Simon That which does not kill us, will try, try again. Join Date: Aug 2003 Location: Conch Republic Posts: 5,150	Ronnie, that's correct, you'll never need to enter the SECRET_KEY anywhere else. WordPress uses what's entered in your wp-config.php file to help make more-secure cookies. One very important note for anyone who installed a fresh copy of 2.5.x and just left the default value in the SECRET_KEY. If you leave it that way you're making it very easy for hackers since they can use that default value ("put your unique phrase here") to find their way into some places you'd rather they stay out of. Generate a unique SECRET_KEY for each blog by using this link... http://api.wordpress.org/secret-key/1.0/ . __________________ "If you're happy and you know it, think again." -- Guru Pitka