WordPress Salts Extended – New AIOS WordPress Security Feature
WordPress uses random strings of characters within passwords, called ‘Salts’, to make it difficult for attackers to crack passwords and gain access to your WordPress site.
In release 5.1.6 of the AIOS WordPress Security Plugin, we’ve expanded this WordPress feature and added it to the free and Premium versions of AIOS, to provide you, our customers, with even more protections against malicious users.
Tell me more about WordPress Salts
Section titled Tell me more about WordPress SaltsSimply put, storing login passwords in plain text is bad. If someone were to steal your database they’d have access to your users’ passwords. WordPress ‘hashes’ passwords which means it transforms the existing characters into another value, so they can’t be read.
But, hashing on its own isn’t enough.
If two users had the same password, it would create the same hash, meaning if the attacker knew one password, they’d know the other ones too.
That’s where WordPress ‘Salts’ come in.
Salts are unique random strings which are attached to the hashed password. If two users had the same password, they would still have a different hash, thanks to WordPress Salts.
How does AIOS expand the WordPress Salt Feature?
Section titled How does AIOS expand the WordPress Salt Feature?A new feature in AIOS 5.1.6 adds 64 extra characters to the existing salts and changes it weekly.
Short WordPress salts means an attacker could precompute a table of every possible salt appended to every likely password. Adding extra characters makes calculating salt variations pretty tricky. Giving them less than a week to do it makes it virtually impossible.
The AIOS WordPress Salts feature is available now in All-In-One Security 5.1.6, adding to the already extensive suite of login security features.
For more information about feature-rich AIOS, visit our Features page or get AIOS now.
Frequently Asked Questions
Section titled Frequently Asked QuestionsDoes this feature change my password?
Your password will continue to work as normal. Salting happens behind the scenes.
How do I use the AIOS WordPress Salts feature?
To enable this extra security, we suggest you first let all users know that they are about to be logged out so that they can save their work.
We also recommend taking a backup using a WordPress Backup Plugin such as UpdraftPlus. This is good practice when making changes to anything within your WordPress plugins (and themes too).
Then, within your WordPress Dashboard:
- go into the WP Security section,
- then to Miscellaneous.
- Within the Salt tab, check ‘Enable salt postfix’.
- Press the Save settings button, and you’re done.

About the author

TeamUpdraft
Our team consists of WordPress developers, marketers, and industry experts committed to providing you with the resources and skills you need to succeed online. Whether you’re just starting out or seeking advanced strategies, we’re here to enhance your WordPress journey and support you at every stage.
Categories
AIOS
Comprehensive, feature-rich, security for WordPress. Malware scanning, firewall, an audit log and much more. Powerful, trusted and easy to use.
From just $70 for the year.
More stories
-
Three things to do this World Backup Day
This World Backup Day, take the time to ensure your website is protected. From automating backups to connecting to remote storage, these three steps will keep your data safe. Plus, enjoy a 10% discount on UpdraftPlus Premium for a limited time!
-
Same team, different name. Welcome to TeamUpdraft (for affiliates)
Attention affiliates! TeamUpdraft is here, combining UpdraftPlus, WP-Optimize, and AIOS. Explore new ways to earn with our unified brand.
-
Same team, different name. Welcome to TeamUpdraft
UpdraftPlus, WP-Optimize & AIOS are now under TeamUpdraft! Find out what’s changed, how to log in, and where to get support.
-
WP-Optimize release v4.0.0
WP-Optimize v4.0.0 is here! This update introduces JavaScript execution delay, minimum requirements changes, and performance improvements.