generate random password?

[TeddyKiller]

I have a little php script which generates a random password for the user.

How can I simplify it, or make it slightly better?

 

         $length = 9;
         $characters = 'abcdefghjkmnpqrstwxyz23456789';
         $max = strlen($characters) - 1;
         $password = '';
         mt_srand((double)microtime() * 1000000);
         while (strlen($password) < $length + 1) {
             $password .= $characters{mt_rand(0, $max)};
         }

 

thanks

[JAY6390]

Change it into a function?

[TeddyKiller]

Change it into a function?

 

It's going into a function called generatePass()

[JAY6390]

Oh OK, in that case I dont think there's all that much you can do to be honest

[JonnoTheDev]

Just a quick random string creator. You could do this a million ways.

<?php
function createPassword($length = 10) {
$array = array_merge(range('a','z'), range(0,10));
shuffle($array);
return substr(md5(implode("", $array).microtime()),0,$length);
}

print createPassword(10);
?>

[TeddyKiller]

Just a quick random string creator. You could do this a million ways.

<?php
function createPassword($length = 10) {
   $array = array_merge(range('a','z'), range(0,10));
   shuffle($array);
   return substr(md5(implode("", $array).microtime()),0,$length);
}

print createPassword(10);
?>

How would I take out 1, i, l

 

I found this too..

    public function generatePass($legnth = 9) {
        $password = "";
        $characters = "0123456789bcdfghjkmnpqrstvwxyz"; 
          $i = 0; 
         while ($i < $length) { 
            $char = substr($characters, mt_rand(0, strlen($characters)-1), 1);
            // we don't want this character if it's already in the password
            if (!strstr($password, $char)) {
                $password .= $char;
                $i++;
               }
          }
          
        return $password;
    }

[salathe]

How would I take out 1, i, l

 

There would be no i nor l since the string is passed through md5.

 

Can I ask why you're using a very restricted set of characters?

[Psycho]

The parameters for the password make the possibilities much more limited than it should be. I would suggest making the length variable and adding upper case letters and special characters to the possible combinations.

 

Also, most password generators will ensure that there is a mix of different character type (1 lower and/or upper case, 1 number, 1 special).

 

Here is what I would do to create a random length and add more variablility in the characters. I see you left out some characters (i.e. 1(one) and l (lowercase L)) as is common. So, I also left out "O" (upper case Oh).

 

mt_srand((double)microtime() * 1000000);

//Variable length
$length = mt_rand(7,11);

//Available characters
$characters = 'abcdefghjkmnpqrstwxyzABCDEFGHIJKLMNPQRSTUVWXYZ234 56789!@$%^&+';

$password = '';
for($i=0; $i<$length; $i++)
{
    $password .= substr($characters, mt_rand(0, strlen($characters)-1, 1);
}