How does WordPress encrypt its users passwords?
WordPress stores your plain text passwords in an encrypted mode and that is for a reason; if someone hacks your database he won't really know what were the passwords you and your users were using. Thats a relief considering many of you use the same passwords for a bunch of websites(like your google account login).
So if you ever forget your WP user password you will need to reset it and create a new one. In our next post I'm going to show 2+1 ways to restore or change your user password on WordPress.
Even though WordPress stores your password as an Md5 Hash when you try to login the password is "mixed" with a bit of salt making extra difficult for hacker to trace or copy it. That salt is the WordPress Security Keys that can be found inside your wp-config.php file.
Security Keys on their end are unique for each WP installation and can be re-generated through WordPress Secret Keys API.
Feel to free to use that tool and share!
Latest posts by Makis Mourelatos (see all)
- The Definitive Guide about Backdoor Attacks – What are WebShell BackDoors - October 16, 2017
- The Definitive Guide about Backdoor Attacks – What is a backdoor - September 11, 2017
- TradeTraffic.life WordPress Malware Redirect - August 4, 2017