wp_salt()获取salt值并添加到哈希列表中,以预防攻击

目录

描述

译文

该函数可由插件代替。若插件无法重新定义函数,则使用该函数。

该函数获取salt值并添加到哈希列表中,以预防攻击。

密钥位于两个位置:一是数据库(防止另一处没有定义密钥),二是wp-config.php文件。如果需要设置密钥,需要在wp-config.php文件中完成。

数据库中的密钥是随机生成的,有时会被赋值给wp-config.php文件中的密钥。记住,要在wp-config.php文件中定义或修改密钥。

如果你安装的是WordPress 2.5及更高版本,那么wp-config.php文件中已经定义了SECRET_KEY。但你需要更改它的值,因为黑客可能已经知道这个值。如果你从WP 2.5之前的版本升级到WP 2.5或者更高版本,需要在wp-config.php中添加常量SECRET_KEY。

有一种解密工具中存储了常用字典字符串的哈希值,为密码添加salt值可以防止这种解密工具破解你的密码。如果添加的值强度够高,密码就更不容易被破解。

原文

This function can be replaced via plugins. If plugins do not redefine these functions, then this will be used instead.

Get salt to add to hashes to help prevent attacks.

The secret key is located in two places: the database in case the secret key isn't defined in the second place, which is in the wp-config.php file. If you are going to set the secret key, then you must do so in the wp-config.php file.

The secret key in the database is randomly generated and will be appended to the secret key that is in wp-config.php file in some instances. It is important to have the secret key defined or changed in wp-config.php.

If you have installed WordPress 2.5 or later, then you will have the SECRET_KEY defined in the wp-config.php already. You will want to change the value in it because hackers will know what it is. If you have upgraded to WordPress 2.5 or later version from a version before WordPress 2.5, then you should add the constant to your wp-config.php file.

Salting passwords helps against tools which has stored hashed values of common dictionary strings. The added values makes it harder to crack if given salt string is not weak.

wp_salt() 描述

用法

<?php wp_salt$scheme ?>

wp_salt() 用法

参数

$scheme

(string) (可选) Type of salt you would like to recall. Accepts: 'auth', 'secure_auth', 'logged_in', and 'nonce'

默认值: 'auth'

wp_salt() 参数

返回值

(string) 

Salt value from either 'SECRET_KEY' or 'secret' option

wp_salt() 返回值

注意

wp_salt() 注意

历史

添加于 版本: 2.5

wp_salt() 历史

源文件

wp_salt() 函数的代码位于 wp-includes/pluggable.php.

wp_salt() 源文件