Advanced Random Password Generator..

jebster

Just thought I would share my little(big) random password generator with you all. Its ugly(needs a style sheet) and the code is probably much bigger than it needs to be but, meh!

Try:
http://68.99.99.244:81/~jebster/advanced_rand_pass.php
Source:
http://68.99.99.244:81/~jebster/advanced_rand_pass.phps

Oh, and its "Advanced" because my last one had no options and such..

BTW, Pyro will be happy to know that it is Valid XHTML 1.0 Transitional 🙂

Tell me what you think 😉

Weedpacket

Personally I prefer preg_split('//',$string,-1,PREG_SPLIT_NOEMPTY) to turn a string into an array of characters; but most of the time I find I can just leave the string as-is and refer to characters directly as $string{$char} anyway. That would shorten your code a bit 🙂

planetsim

function randomPass() {

  srand(microtime() * 1000000000000);
  $pass_rnd = array_merge(range('a','z'), range('A','Z'), range(0,9));
  $rnd = array_rand($pass_rnd, 8);

  $password = "";

  for($i=0;$i<=7;$i++){
    $password .= $pass_rnd[$rnd[$i]];
  }

  return $password;

}

Seems a lot simplier to me

jebster

hehe I still have a lot to learn! 😃 Thanks for the tips 🙂 And it was extremely quick so I just thought of the simplest way(in my head) to do it, not to mention I was trying to watch The Daily Show while writing it(excuses... hehe) 😉

And yes planetsim yours is a lot simplier, but yours doesn't allow the user to choose what type of things to use. That was what I was going for with this one. 😃

I shall now improve upon it.

jebster

Originally posted by Weedpacket
Personally I prefer preg_split('//',$string,-1,PREG_SPLIT_NOEMPTY) to turn a string into an array of characters; but most of the time I find I can just leave the string as-is and refer to characters directly as $string{$char} anyway. That would shorten your code a bit 🙂

Could you point to the manual page for that? $string{$char} that is 🙂 Not sure what to look for. 😕

EDIT
Nevermind, found it after a bit of searching page by page 🙂

jebster

Updated. Slightly better? Same urls as in first post.

5:12am, bed time....

drawmack

How about using a little javascript and giving the mean time to crack on the page where the person is setting up the options?

jebster

Originally posted by drawmack
How about using a little javascript and giving the mean time to crack on the page where the person is setting up the options?

You mean how long it would take someone to crack the password that was generated? 😕 If so, how would one go about doing that?

drawmack

there is a mathematical formula it's based on the length of the password and the size of the set used to generate it. Just google for mean time to crack

jebster

Hmmm sounds interesting, unfortunaty I could not find it, though I am exteremely tired cause I stayed up the whole night(its now 7:50am) while I scanned my computer for viruses(found 7, all in the downloaded program files folder.. think I need to adjust IE's handling of that stuff...), guess I will look again after some sleep.

Weedpacket

Um, lesseee... c/i/2, where l is the length of the passwd, s is the number of characters in the source alphabet, and c is a factor that represents the speed of the computer doing the checking; c could be estimated from doing something like timing for(i=0;i<1000;i++){test=('c'=='c');} and dividing by 1000.

Assumes uniform distribution of characters; /2 because for every password that takes less time than the above to crack, there's one that takes longer (that's why it's the mean).

drawmack

I thought the /2 took into account that on average you have to search half the list to find the result

Weedpacket

Originally posted by drawmack
I thought the /2 took into account that on average you have to search half the list to find the result

Same thing 🙂

drawmack

Originally posted by Weedpacket
Same thing 🙂

Damn mathematicians and their confusing langauge 🙂

drawmack

Just to put it in terms of code

<?php
define('BASE_CPU_SPEED',.0024); //2.4 gh machine (I think)
$alpha_length = 62; //upper &  lower case + numbers
$pass_length = 8;

echo "The mean time to crack your password on a ";
echo (BASE_CPU_SPEED * 1000); 
echo " ghz machine is ";
echo mean_time_to_crack($alpha_length,$pass_length);

mean_time_to_crack($al,$pl) {
  return BASE_CPU_SPEED * (pow($al,$pl)/2);
}
?>

Weed,
Isn't there a way that makes the processor speed and the password length work together in the exponent to speed up the processing?

jebster

So is the number returned seconds or minutes?

Weedpacket

Originally posted by drawmack
Damn mathematicians and their confusing langauge 🙂

Yeah, but what does "on average" mean?

drawmack

Originally posted by Weedpacket
Yeah, but what does "on average" mean?

that's just mean 🙂