This section describes the unique key for certificates in wordpress wp-config.php.
Role of Unique Key for Certificate
In wordpress wp-config.php,
AUTH_KEY
SECURE_AUTH_KEY
LOGGED_IN_KEY
NONCE_KEY
and so on.
This unique authentication key is used to encrypt and store various information in the user’s browser (cookie) in order to prove and authorize the user’s login information and other information when individual user communications occur behind the scenes of WordPress.
It is this encrypted retention of login information that allows you to use the administrator functions in the admin panel after logging in to WordPress.
Danger of having the unique key for authentication in the default state
The unique key for authentication is initially set to
put your unique phrase here
but leaving it as such is a security risk. If there is a virus on the user’s computer, or if the user’s temporarily stored cookies are stolen, the string “put your unique phrase here” could be used as a key for various WordPress-related authentication information. This is because
How to Create a Unique Key for Authentication
Unique keys for authentication are created in wp-config.php in the
{@link https://api.wordpress.org/secret-key/1.1/ WordPress.org's private key service}
The unique key for authentication is created by accessing the URL in wp-config.php with {@link WordPress.org’s private key service}, as shown below.
Copy and paste this string, insert it into the authentication key in wp-config.php, and upload it using FTP software.
Free WordPress:Malware Scanning & Security Plugin [Malware and Virus Detection and Removal].