WordPress Salt Generator
Generate fresh authentication keys and salts for your wp-config.php — runs in your browser using crypto.getRandomValues().
define('AUTH_KEY', '8zmGrct{]HZ3W?!Bnf%,,!akL-dw8W__O<#8VDvJHD7h-0iykg]{p}aL5^bYA6MH');
define('SECURE_AUTH_KEY', 'tu1hSWUcu&-{,rm&i=-X57*#alY]9Wr^JRwd@7R8B]AfBcPv%y#HV*^0XIKNfG.c');
define('LOGGED_IN_KEY', 'PF_Z-=]ELJ8>OF1#RW^!>JEBX=&<PasF-ywBGXrK4RC*O{=_7[ln60.=oC&sqGcX');
define('NONCE_KEY', 'F8RLyh)QH!5+47n]Y_x(myMgAOq.l7[nHYG8)}Z+E2j_]*(wMQR-Z%rkFIl[1xfy');
define('AUTH_SALT', 'O$#JJz9$Z27l>%.IU?)&k)YvpH{NY.WCrYf>Knk?RG7%VY^5yl*p^vyeEP>57q)T');
define('SECURE_AUTH_SALT', '+hrcZO8$%gqYy?6-^PeDerD[2lrJR&iY,mvlw&9]x$=$@&1fzLH2O0hYPzz2Vfh*');
define('LOGGED_IN_SALT', '(7>txV[RAcyxt{ez(lHJ-IkUG@P_b9+zg6WhHB2}Ssm[7YSHi@%e(OlsjC$4J<4%');
define('NONCE_SALT', ']>[#-g-D5gUJV*klw>H}ej{uHn>K%tJh,LkG]Z)mL8V>Rn?&$ZMp9YZ#S[(dRv8S');How to use this tool
- 1
Click Regenerate to produce fresh salts.
- 2
Copy all to your clipboard.
- 3
Paste over the existing AUTH_KEY block in wp-config.php.
- 4
All users will be logged out (cookies invalidated) — that's expected.
What is WordPress Salt Generator?
WordPress uses eight constants in wp-config.php to encrypt cookies and salt password hashes. Each should be a long random string. The official api.wordpress.org/secret-key endpoint serves these — but this tool generates them locally using your browser's cryptographic random number generator, so they never traverse the network.
Frequently asked questions
When should I rotate salts?▼
Why local generation?▼
Related tools
Bcrypt Hash Generator
Generate bcrypt password hashes (client-side).
HMAC Generator
Generate HMAC signatures with SHA-256, SHA-1, MD5.
AES Encryption
Encrypt and decrypt text with AES-256 in your browser.
2FA QR Code Generator
Generate TOTP/2FA QR codes for authenticator apps.
Password Strength Tester
Test password strength against entropy and dictionaries.
Caesar Cipher Encoder
Encode and decode Caesar cipher with custom shifts.