Random Passwords

Eric · 11-03-2007, 12:36 PM

Got a tad bored today, so wrote a function for random passwords. Maybe it will help someone.

PHP Code:

  <?php

 
/**

* Generate a random password.

*

* @param  integer  $numchars      How long do we need the password to be?

* @param  boolean  $specialchars  Include the special characters?

* @param  boolean  $extrashuffle  Include an extra randomization on the password string?

* @return string

*/

function random_pass($numchars = 8, $specialchars = true, $extrashuffle = false)

????: NamePros.com http://www.namepros.com/code/391711-random-passwords.html
{

    $numchars = intval($numchars);

    $numchars = ($numchars > 16 OR $numchars < 8) ? 8 : $numchars;

 
    $chars = array_merge(range('a', 'z'), range(0, 9));

 
    if ($specialchars)

    {

        $chars = array_merge($chars, array('!', '$', '_', '-', '#', '@'));

    }

    shuffle($chars);

 
    $pass = '';

 
    for ($i = 0; $i <= $numchars; $i++)

    {

        $pass .= $chars[$i];

    }

 
    if ($extrashuffle)

    {

        return str_shuffle($pass);

    }

    return $pass;

}

 
// Example, returns: 3ck#4sib2

echo random_pass(8, true, true);

????: NamePros.com http://www.namepros.com/showthread.php?t=391711
 
?>

Daniel · 11-03-2007, 01:31 PM

PHP Code:

 
  <?php

 
/**

* Generate a random password.

*

* @param  integer  $numchars      How long do we need the password to be?

* @param  boolean  $specialchars  Include the special characters?

* @param  boolean  $extrashuffle  Include an extra randomization on the password string?

* @param  boolean  $mixedcase     Mixed case or solely lowercase?

* @return string

*/

function random_pass($numchars = 8, $specialchars = true, $extrashuffle = false, $mixedcase = true)

{

    $numchars = intval($numchars);

    $numchars = ($numchars > 16 OR $numchars < 8) ? 8 : $numchars;

    

    $chars = array_merge(range('a', 'z'), range(0, 9));

 
    if ($mixedcase) /* Extra case */

????: NamePros.com http://www.namepros.com/showthread.php?t=391711
    {

        $chars = array_merge($chars, range('A','Z'));

????: NamePros.com http://www.namepros.com/showthread.php?t=391711
    }

    

    if ($specialchars)

    {

        $chars = array_merge($chars, array('!', '$', '_', '-', '#', '@'));

    }

    shuffle($chars);

 
    $pass = '';

 
    for ($i = 0; $i < $numchars; $i++) /* Changed to < only sign, otherwise it would be 1 character longer than needed */

    {

        $pass .= $chars[$i];

        shuffle($chars); /* Get repeated characters, would add as an option, but I'm lazy */

    }

 
    if ($extrashuffle)

    {

        return str_shuffle($pass);

    }

    return $pass;

}

 
// Example, returns: 3ck#4si2

echo random_pass(8, true, true, true);

 
?>

Added an extra shuffle after each character, so you can get repeated characters too. (I prefer it that way).
Added MiXeD case option
Fixed the length ($i = 0; $i <=$numchars) part.

Barrucadu · 11-04-2007, 10:22 AM

Both good, but heres a function I made a while ago and have been using, it may not be as customizable, but the passwords are very difficult to guess:

PHP Code:

  <?php

function prand($len = 10){

     $pass = '';

     for($i = 0; $i < $len; $i ++){

          $pass .= chr(rand(33, 126));

     }

     return $pass;

????: NamePros.com http://www.namepros.com/showthread.php?t=391711
}

 
echo prand();

?>

jimmysanders · 02-05-2008, 04:42 PM

i had to go for the smallest one

PHP Code:

  function randomPassword($length = 8) {

????: NamePros.com http://www.namepros.com/showthread.php?t=391711
    return    substr(base64_encode(md5(time())), 0, $length);

}

creates random string of A–Z, a–z, and 0–9 of max of 42ish chars

unknowngiver · 02-18-2008, 06:53 PM

Originally Posted by jimmysanders

i had to go for the smallest one

????: NamePros.com http://www.namepros.com/showthread.php?t=391711

PHP Code:

  function randomPassword($length = 8) {

    return    substr(base64_encode(md5(time())), 0, $length);

}

creates random string of A–Z, a–z, and 0–9 of max of 42ish chars

lol protection much...base64 and md5 encryption lol

Daniel · 02-19-2008, 03:24 AM

Originally Posted by unknowngiver

Originally Posted by jimmysanders

i had to go for the smallest one

????: NamePros.com http://www.namepros.com/showthread.php?t=391711

PHP Code:

  function randomPassword($length = 8) {

    return    substr(base64_encode(md5(time())), 0, $length);

}

creates random string of A–Z, a–z, and 0–9 of max of 42ish chars

lol protection much...base64 and md5 encryption lol

Not very secure, if you knew say what time roughly they made it, and how long, it could easily be cracked.

Dan

mholt · 07-10-2008, 09:21 PM

If you know exactly what second after Unix Epoch they made that password, then yes... you could guess it...
????: NamePros.com http://www.namepros.com/showthread.php?t=391711

Unless we add a little bit of salt

PHP Code:

  // Modified function, original given by jimmysanders

 
function randomPassword($length = 8) {

    $saltLength = 1;

    return    substr(base64_encode(md5(time())), 0, $length - $saltLength) . substr(md5($length + $time), 5, $saltLength);

 
// To use for your own, change:

// 5 on the second substr() function such that it's > 0 and < 42.

// $saltLength should be < $length

// If each person who used this function changed these values to

// some of their own choice, guessing it by just time() would be much trickier.

}

That should be a little trickier.

Cavemaneca · 12-12-2008, 06:58 PM

This is what I've been using for any random string

PHP Code:

  function randstr($l, $sp = 'false') {

????: NamePros.com http://www.namepros.com/showthread.php?t=391711
$useChars='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz?!-+*=/\|&@#%^';

$string = $useChars{mt_rand(0,9)};

for($i = 1 ; $i < $l ; $i++)

{

    if ($sp) {

    $string .= $useChars{mt_rand(0,76)};

    }

    else {

    $string .= $useChars{mt_rand(0,61)};

????: NamePros.com http://www.namepros.com/showthread.php?t=391711
    }

}

return $string;

}

usually works out fine. I don't know much encryption though. For that I usually just use

PHP Code:

  crypt($user_input, $db_pass);

sdsinc · 12-13-2008, 11:16 AM

I use this:

PHP Code:

  function rand_string($len, $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789')

{

    $string = '';

????: NamePros.com http://www.namepros.com/showthread.php?t=391711
    for ($i = 0; $i < $len; $i++)

    {

        $pos = rand(0, strlen($chars)-1);

        $string .= $chars{$pos};

    }

    return $string;

}

Daniel · 12-13-2008, 11:20 AM

PHP Code:

  function rand_string($len, $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789')

????: NamePros.com http://www.namepros.com/showthread.php?t=391711
{

    $string = '';

    $strlen = strlen($chars)-1;

    for ($i = 0; $i < $len; $i++)

    {

        $pos = rand(0, $strlen);

        $string .= $chars{$pos};

    }

    return $string;

}

Slightly optimized

~

And @Cavemaneca

(bool) $sp = 'false' evals to TRUE, not FALSE.

Just be careful with this, as it can definitely fall into unexpected behaviour (although it's not really all that 'unexpected'.

PHP Code:

  var_dump( (bool) 'false' ); // Returns bool (true)

11-03-2007, 12:36 PM	THREAD STARTER #1 (permalink)
Eric Senior Member Join Date: Mar 2005 Posts: 4,948	Random Passwords Got a tad bored today, so wrote a function for random passwords. Maybe it will help someone. PHP Code: <?php /** * Generate a random password. * * @param integer $numchars How long do we need the password to be? * @param boolean $specialchars Include the special characters? * @param boolean $extrashuffle Include an extra randomization on the password string? * @return string */ function random_pass($numchars = 8, $specialchars = true, $extrashuffle = false) ????: NamePros.com http://www.namepros.com/code/391711-random-passwords.html { $numchars = intval($numchars); $numchars = ($numchars > 16 OR $numchars < 8) ? 8 : $numchars; $chars = array_merge(range('a', 'z'), range(0, 9)); if ($specialchars) { $chars = array_merge($chars, array('!', '$', '_', '-', '#', '@')); } shuffle($chars); $pass = ''; for ($i = 0; $i <= $numchars; $i++) { $pass .= $chars[$i]; } if ($extrashuffle) { return str_shuffle($pass); } return $pass; } // Example, returns: 3ck#4sib2 echo random_pass(8, true, true); ????: NamePros.com http://www.namepros.com/showthread.php?t=391711 ?>

11-03-2007, 01:31 PM	#2 (permalink)
Daniel Danltn.com Join Date: May 2007 Location: Danltn.com / Nottingham, UK Posts: 1,201	PHP Code: <?php /** * Generate a random password. * * @param integer $numchars How long do we need the password to be? * @param boolean $specialchars Include the special characters? * @param boolean $extrashuffle Include an extra randomization on the password string? * @param boolean $mixedcase Mixed case or solely lowercase? * @return string / function random_pass($numchars = 8, $specialchars = true, $extrashuffle = false, $mixedcase = true) { $numchars = intval($numchars); $numchars = ($numchars > 16 OR $numchars < 8) ? 8 : $numchars; $chars = array_merge(range('a', 'z'), range(0, 9)); if ($mixedcase) / Extra case / ????: NamePros.com http://www.namepros.com/showthread.php?t=391711 { $chars = array_merge($chars, range('A','Z')); ????: NamePros.com http://www.namepros.com/showthread.php?t=391711 } if ($specialchars) { $chars = array_merge($chars, array('!', '$', '_', '-', '#', '@')); } shuffle($chars); $pass = ''; for ($i = 0; $i < $numchars; $i++) / Changed to < only sign, otherwise it would be 1 character longer than needed / { $pass .= $chars[$i]; shuffle($chars); / Get repeated characters, would add as an option, but I'm lazy / } if ($extrashuffle) { return str_shuffle($pass); } return $pass; } // Example, returns: 3ck#4si2 echo random_pass(8, true, true, true); ?> Added an extra shuffle after each character, so you can get repeated characters too. (I prefer it that way). Added MiXeD case option Fixed the length ($i = 0; $i <=$numchars) part. __________________ :lala: VERY CHEAP ADVANCED* BULK DOMAIN-STATISTICS LOOKUP** :kickass: Danltn's Blog - Daniel Neville's Site Spoof your links! Submit your blog NOW! Putting bloggers on the map! Last edited by Danltn; 11-03-2007 at 01:36 PM.

11-04-2007, 10:22 AM	#3 (permalink)
Barrucadu Senior Member Join Date: Aug 2005 Location: East Yorkshire, England Posts: 2,689 Follow @barrucadu	Both good, but heres a function I made a while ago and have been using, it may not be as customizable, but the passwords are very difficult to guess: PHP Code: `<?php function prand($len = 10){ $pass = ''; for($i = 0; $i < $len; $i ++){ $pass .= chr(rand(33, 126)); } return $pass; ????: NamePros.com http://www.namepros.com/showthread.php?t=391711 } echo prand(); ?>` __________________ Website \| Blog Arch Hurd developer; GNU Webmaster; FSF member #8385

02-05-2008, 04:42 PM	#4 (permalink)
jimmysanders New Member Join Date: Feb 2008 Posts: 9	i had to go for the smallest one PHP Code: `function randomPassword($length = 8) { ????: NamePros.com http://www.namepros.com/showthread.php?t=391711 return substr(base64_encode(md5(time())), 0, $length); }` creates random string of A–Z, a–z, and 0–9 of max of 42ish chars

07-10-2008, 09:21 PM	#7 (permalink)
mholt DNOA Member Join Date: May 2004 Posts: 5,040	If you know exactly what second after Unix Epoch they made that password, then yes... you could guess it... ????: NamePros.com http://www.namepros.com/showthread.php?t=391711 Unless we add a little bit of salt PHP Code: // Modified function, original given by jimmysanders function randomPassword($length = 8) { $saltLength = 1; return substr(base64_encode(md5(time())), 0, $length - $saltLength) . substr(md5($length + $time), 5, $saltLength); // To use for your own, change: // 5 on the second substr() function such that it's > 0 and < 42. // $saltLength should be < $length // If each person who used this function changed these values to // some of their own choice, guessing it by just time() would be much trickier. } That should be a little trickier. Last edited by mholt; 07-10-2008 at 09:49 PM.

12-12-2008, 06:58 PM	#8 (permalink)
Cavemaneca New Member Join Date: Dec 2008 Posts: 3	This is what I've been using for any random string PHP Code: function randstr($l, $sp = 'false') { ????: NamePros.com http://www.namepros.com/showthread.php?t=391711 $useChars='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz?!-+=/\\|&@#%^'; $string = $useChars{mt_rand(0,9)}; for($i = 1 ; $i < $l ; $i++) { if ($sp) { $string .= $useChars{mt_rand(0,76)}; } else { $string .= $useChars{mt_rand(0,61)}; ????: NamePros.com http://www.namepros.com/showthread.php?t=391711 } } return $string; } usually works out fine. I don't know much encryption though. For that I usually just use PHP Code: `crypt($user_input, $db_pass);` Last edited by Cavemaneca; 12-12-2008 at 07:07 PM.*

12-13-2008, 11:16 AM	#9 (permalink)
sdsinc Domains my Dominion Join Date: Aug 2005 Location: Web 1.0 Posts: 9,556	I use this: PHP Code: `function rand_string($len, $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789') { $string = ''; ????: NamePros.com http://www.namepros.com/showthread.php?t=391711 for ($i = 0; $i < $len; $i++) { $pos = rand(0, strlen($chars)-1); $string .= $chars{$pos}; } return $string; }`

12-13-2008, 11:20 AM	#10 (permalink)
Daniel Danltn.com Join Date: May 2007 Location: Danltn.com / Nottingham, UK Posts: 1,201	PHP Code: `function rand_string($len, $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789') ????: NamePros.com http://www.namepros.com/showthread.php?t=391711 { $string = ''; $strlen = strlen($chars)-1; for ($i = 0; $i < $len; $i++) { $pos = rand(0, $strlen); $string .= $chars{$pos}; } return $string; }` Slightly optimized ~ And @Cavemaneca (bool) $sp = 'false' evals to TRUE, not FALSE. Just be careful with this, as it can definitely fall into unexpected behaviour (although it's not really all that 'unexpected'. PHP Code: `var_dump( (bool) 'false' ); // Returns bool (true)` __________________ :lala: *VERY CHEAP ADVANCED* BULK DOMAIN-STATISTICS LOOKUP** :kickass: Danltn's Blog - Daniel Neville's Site Spoof your links! Submit your blog NOW! Putting bloggers on the map!

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)