I was reading about the WordPress security keys. I didn’t really understand how they work, but they have to do with better security for the passwords.
You should provide those (keys and salts) in the wp-config file, before installing WordPress. Since I use WP a lot, I am familiar with the installation process, and I try to keep up with all security guidelines that cross my path, like the 20 step guide from tuts plus, and other recommendations from digging into wp.
I don’t know what salt is. I’ll make some research.
Anyway, these keys can be randomly generated from a tool provided by wp themselves, or you can make it up.
My question is, if this enhances security, is randomly generated, and very encouraged to include, why can”t the installation perform this automatically and inject those keys into wp-config?