Generating a Random Password in PHP

Generating a random password in php

Security warning: rand() is not a cryptographically secure pseudorandom number generator. Look elsewhere for generating a cryptographically secure pseudorandom string in PHP.

Try this (use strlen instead of count, because count on a string is always 1):

function randomPassword() {
    $alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890';
    $pass = array(); //remember to declare $pass as an array
    $alphaLength = strlen($alphabet) - 1; //put the length -1 in cache
    for ($i = 0; $i < 8; $i++) {
        $n = rand(0, $alphaLength);
        $pass[] = $alphabet[$n];
    }
    return implode($pass); //turn the array into a string
}

Demo

Generate a random password in PHP

You can easily achieve this with the following function:

function random_string($length)
{
   $string = "";
   $chars = "abcdefghijklmanopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
   $size = strlen($chars);
   for ($i = 0; $i < $length; $i++) {
       $string .= $chars[rand(0, $size - 1)];
   }
   return $string; 
}

Here you first generate an empty string, then you define a string with all chars you want, you could also add # or ? or whatever you want. After you also counted the numbers of chars you can start with filling your new string. You just use a for-loop to do this. Everytime the loopcontent is called, there is one random char (from your $char) added to your empty string.

You use this function (for example if you want to store your random password in a variable) by simply typing:

$password = rand_string(15) //the number specified in brackets is the amount of characters in your password

Let me know if you're experiencing any issues.

How to make a random password generator with at least one capital letter, lowercase letter, special character and number everytime in php

I created this basic code:

$digits    = array_flip(range('0', '9'));
$lowercase = array_flip(range('a', 'z'));
$uppercase = array_flip(range('A', 'Z')); 
$special   = array_flip(str_split('!@#$%^&*()_+=-}{[}]\|;:<>?/'));
$combined  = array_merge($digits, $lowercase, $uppercase, $special);

$password  = str_shuffle(array_rand($digits) .
                         array_rand($lowercase) .
                         array_rand($uppercase) . 
                         array_rand($special) . 
                         implode(array_rand($combined, rand(4, 8))));

echo $password;

First I create arrays, of which the keys are what the variable names describes. This might seems somewhat strange, but this is done because array_rand() returns random keys, not random values.

By explicitly defining the different types of characters you could remove some nasty ones. For instance, it can be hard to distinguish between I, 1, | and l or O and 0, depending on your font. You might want to remove those. You are also able to define your own set of special characters.

I then guarantee that at least one capital letter, one lowercase letter, one special character and one number is present by explicitly declaring so.

Finally I add a part of random characters of random length and shuffle the whole string.

A note: Choosing passwords for users can be a good idea. Users often find it hard to choose a good password. However, you're going for very difficult to remember, and difficult to enter, passwords. Is that really necessary? For instance, if you ask for an email address in combination with a password, then a 5 digit PIN number would already give 99999 possible passwords. That's a lot. If you only allow an user to try to enter a password wrong 5 times, before the login form gets blocked, then a hacker has only a 0.006% chance of a successful hack by brute force. Those are not good odds. A five digit password is much easier to work with for an user. The strength of the password should be proportional to that what it protects and other risk factors. You might be using passwords with a 0.00000000001% chance of a successful hack, but if the chance that an user gives the password "willingly" to a hacker, for instance through social hacking, is 0.0001% then there's little point to such a secure password.

How to Generate Random Password in Codeigniter for forgot password

You can try below function to generate random password.

function random_password() 
{
    $alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890';
    $password = array(); 
    $alpha_length = strlen($alphabet) - 1; 
    for ($i = 0; $i < 8; $i++) 
    {
        $n = rand(0, $alpha_length);
        $password[] = $alphabet[$n];
    }
    return implode($password); 
}
echo random_password();

Laravel how to insert random password automatically

Use a mutator method to set the password. Override the method by adding:

public function setPasswordAttribute($value)
{
    $this->attributes['password'] = 'some random password generator';
}

see the documentation here:

https://laravel.com/docs/5.4/eloquent-mutators#defining-a-mutator

You don't need to use the $value parameter at all when setting the attribute.

How do i generate random password based on the month names?

To do this all you need to to is keep track of the month and use it to get the nth character of your $alphabet string. Then you can just replace the fifth element of your $pass array with it before you implode() the final password.

function randomPassword() {
    $currentmonth = date('n');
    $alphabet = "abcdefghijklmnopqrstuwxyzABCDEFGHIJKLMNOPQRSTUWXYZ";    
    $random = "abcdefghijklmnopqrstuwxyzABCDEFGHIJKLMNOPQRSTUWXYZ0123456789";
    $pass = array();    

    $alphaLength = strlen($random) - 1; 
    for ($i = 0; $i < 5; $i++) {
          $n = rand(0, $alphaLength);
          $pass[] = $random[$n];
    }
    $pass[4] = substr($alphabet, $currentmonth - 1, 1);

    return implode($pass); 

}
echo randomPassword();

Demo

Here's a more concise way to generate the random password:

function randomPassword() {
    $currentmonth = date('n') - 1;
    $alphabet = "abcdefghijklm";
    $random_hash = substr(md5(uniqid(rand(), true)), 28, 4);
    return $random_hash . substr($alphabet, $currentmonth, 1);
}
echo randomPassword();

Demo

Keep in mind these passwords are short and pseudo-random and not very secure.


Related Topics

How to Load a Controller from Another Controller in Codeigniter

Call to a Member Function Prepare() on a Non-Object PHP Help

How to Create a Simple 'Hello World' Module in Magento

How to Find the PHP.Ini File Used by the Command Line

PHP Aes Encrypt/Decrypt

How to Remove Line Breaks (No Characters!) from the String

What Is a Class in PHP

How to Sftp With PHP

Best Solution to Protect PHP Code Without Encryption

How Unique Is the PHP Session Id

How to Check If a Date Is in a Given Range

PHP Curl and Cookies

Can Png Image Transparency Be Preserved When Using PHP'S Gdlib Imagecopyresampled

Checking If Date Is Weekend PHP

Undefined Offset PHP Error

How to Get Count of Rows in MySQL Table Using PHP

Preserve Line Breaks from Textarea

How to Push Both Value and Key into PHP Array


Leave a reply



Submit