[wp-hackers] Salting

Dobri dyordan1 at ramapo.edu
Mon Jul 1 18:32:02 UTC 2013

I might be wrong on how all of this works but since this -> https://api.wordpress.org/secret-key/1.1/salt/ exists, why isn't it built into wordpress to just grab a random set of salts on the initial installation and save it in the wp-config on its own instead of the 'put your unique phrase here'? I feel like a good 40-50% of all installations have exactly that as salts so I feel this would make it a bit more secure. Am I missing something?


More information about the wp-hackers mailing list