Generate WordPress salt

3 Views

I am in need of a function that automatically generates and returns salts for WordPress wp-config.php (Don’t link me to their API, I’m looking for offline solution).

Does WordPress core has this function defined somewhere?
If it doesn’t, can these salts be generated randomly or are there any specific rules for creating them?

Read More

Edit:
This is what I ended up with: 

    $keys = array('AUTH_KEY', 'SECURE_AUTH_KEY', 'LOGGED_IN_KEY',
              'NONCE_KEY', 'AUTH_SALT', 'SECURE_AUTH_SALT', 'LOGGED_IN_SALT', 'NONCE_SALT');
    $salts = '';
    foreach ($keys as $key) {
        $salt = wp_generate_password(64, true, true);
        $spaces = str_repeat(' ',16 - strlen($key));
        $salts .= "define('{$key}',{$spaces}'{$salt}');n";
    }

And the output is string: 

define('AUTH_KEY',        'f@5^8(OyZLS%+~LNQ6,w(Zpn`3X#A}o4t2LQuqc=x4vn+ b}xYM>TlSwB`|E;}PA');
define('SECURE_AUTH_KEY', 'vEEF@-c_`VO!d{s)_Nv^uS,)eg9{;60.$nU370/9E1z}O#iu)wkPrw8sh[TqGdC;');
define('LOGGED_IN_KEY',   '9:z95.y<_LhUnGlH>6%)/-szx8Dwj{z`#mz-C%taXoD:KK86k(?K-f{w]U5w(41v');
define('NONCE_KEY',       '?YP2djRHOn7[4n[p(KwmX#u.#^s3Fel%AKu@Ac,(L$1DM^@6NNk@x&B/w2/<an:@');
define('AUTH_SALT',       '$r>m{8@l?xDv<^uNz^.|<Am2}J3q(OMAS<dLB({66M)zy2ufOP8$x*{:US|7PL4x');
define('SECURE_AUTH_SALT','Nn4uU#rIe}7CaXw=Z?pk82Cqo8{ALC6McPHYq_G{><]_YWhHlEuk?`tJ6G[)D$)A');
define('LOGGED_IN_SALT',  'YLiGuP$DPKP-F3UGw(0#E0L1w;HO0L_Hkt6.(*92t*B6Mclq*`{OO[xM$3)]^9yi');
define('NONCE_SALT',      '{hh3bpLu$b:e8-uXiCx(3FaK3Q4[`/Mji}~<.cz8W#_a0[O!{h;Fm{^c]p>./RF{');
Post Views: 3

Related posts

Leave a Reply

2 comments

  1. Does WordPress core has this function defined somewhere?

    While I haven’t used it, you are probably looking for wp_salt or wp_generate_password. wp_salt is located in wp-includes/pluggable.php.

    can these salts be generated randomly

    Yes, of course.

    are there any specific rules for creating them

    There is no specific rule. The generic rule is to create long, random and complicated password. By default, WordPress generates them using wp_generate_password (wp_generate_password (64, true, true)). This function accepts three parameters (all are optional). The first param is the length (default value is 12), the second is to use standard special characters (boolean value, default is true), and the third is to use other special characters (boolean value, default is false).

  2. If anyone is using containers, one good way is to generate salt in entrypoint.sh.

    I converted the original wp_generate_password() function used by WordPress to generate salt values.

    Copy the following function into your entrypoint.sh

    #
# Generates a random password drawn from the defined set of characters.
# Inspired by WordPress function https://developer.wordpress.org/reference/functions/wp_generate_password/
#
# Parameters
# ----------
# $length
#   (ing) (Optional) Length of password to generate.
#   Default value: 12
# $special_chars
#   (bool) (Optional) Whether to include standard special characters.
#   Default value: true
# $extra_special_chars
#   (bool) (Optional) Whether to include other special characters. Used when generating secret keys and salts.
#   Default value: false
#
function wp_generate_password() {
  # Args
  length="$(test $1 && echo $1 || echo 12 )"
  special_chars="$(test $2 && echo $2 || echo 1 )"
  extra_special_chars="$(test $3 && echo $3 || echo 0 )"

  chars='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
  [[ $special_chars != 0 ]] && chars="$chars"'!@#$%^&*()'
  [[ $extra_special_chars != 0 ]] && chars="$chars"'-_ []{}<>~`+=,.;:/?|'

  password='';
  for i in $(seq 1 $length); do
    password="${password}${chars:$(( RANDOM % ${#chars} )):1}"
  done

  echo "$password"
}

    And then to generate salt, add something like:

    echo "define( 'AUTH_KEY',         '$(wp_generate_password 64 1 1)' );"
echo "define( 'SECURE_AUTH_KEY',  '$(wp_generate_password 64 1 1)' );"
echo "define( 'LOGGED_IN_KEY',    '$(wp_generate_password 64 1 1)' );"
echo "define( 'NONCE_KEY',        '$(wp_generate_password 64 1 1)' );"
echo "define( 'AUTH_SALT',        '$(wp_generate_password 64 1 1)' );"
echo "define( 'SECURE_AUTH_SALT', '$(wp_generate_password 64 1 1)' );"
echo "define( 'LOGGED_IN_SALT',   '$(wp_generate_password 64 1 1)' );"
echo "define( 'NONCE_SALT',       '$(wp_generate_password 64 1 1)' );"