[wp-hackers] The security week? :)
MichaelH
justmichaelh at gmail.com
Thu Apr 17 13:48:33 GMT 2008
So is the following accurate?
1. For a new WordPress installation, it is HIGHLY RECOMMENDED to replace the
'put your unique phrase here' with your own SECRET_KEY phrase.
2. If you don't change the 'put your unique phrase here' phrase, you are
actually better off deleting the SECRET_KEY definition from wp-config.php.
3. For users upgrading from pre 2.5 versions, it is recommended to add the
SECRET_KEY definition to wp-config.php after doing the upgrade.
4. And again, for upgrading users, if they don't add the SECRET_KEY
definition to their existing wp-config.php, that is okay.
5. At any time, you can change the SECRET_KEY value in wp-config.php and
NOT cause problems when users log in with their existing password.
Thank you for your reply.
MichaelH
More information about the wp-hackers
mailing list