array_rand password

Question

<?php
$abc = array('a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o','p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O','P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z');

for ($i=0; $i < 6; $i++)
    {   
        $pass = array_rand($abc);
        echo $abc[$pass];
    }

?>

I need to send email with generated pass but i must generated pass get to some variable but i dont now how.

This is a very basic php thing... level 100 class... how to access a variable. — bretterer, Feb 07 '13 at 19:14
http://stackoverflow.com/search?q=php+random+password first 623, the rest are available on written request — , Feb 07 '13 at 19:15
People are still submitting answers...I guess that's the only way to raise your reputation around here: regurgitate the same info out over and over *sigh* — keyboardSmasher, Feb 07 '13 at 19:21

score 2 · Accepted Answer · answered Feb 07 '13 at 19:17

2

I just use this: $newpass = substr(md5(uniqid()),0,8);

It's not particularly secure, but it does the job and users are required to change their passwords as soon as they log in with a reset password. The point is it's more efficient than loops and character accesses.

answered Feb 07 '13 at 19:17

Niet the Dark Absol

320,036
81
464
592

+1. `base64_encode(md5(uniqid()))` can give a tough password. – AKS Feb 07 '13 at 19:23
@AyeshK But a long one. Do you really want your users to have to type in a 45-character long password just to get back on their account? – Niet the Dark Absol Feb 07 '13 at 19:29
Sorry I meant to put your substr() there. `substr(base64_encode(md5(uniqid())),0,8);` – AKS Feb 07 '13 at 19:34
@AyeshK - What is the base64_encode for? An MD5 will already return an encoded value, so you gain nothing. – martinstoeckli Feb 07 '13 at 20:14
md5 returns only lowercase English letters and numbers. base64_encode will give you uppercase characters as well, making the password tough. – AKS Feb 08 '13 at 08:45

score 2 · Answer 2 · answered Feb 07 '13 at 19:20

You can use the mcrypt extention's iv function to get random data from the system. Because it is a bit-stream you need to encode it in some way, so that it is not garbage on the screen. Base64 encoding should suffice. Because base64 encoded strings are approximately 33% longer you need to cut the string down to the length you want.

Here is a simple example:

function password($length = 10) {
    $random = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
    $base64 = base64_encode($random);
    return substr($base64, 0, $length);
}
var_dump(password(10));

score 0 · Answer 3 · answered Feb 07 '13 at 19:17

User this snippet of code that I wrote a few days back.

function genText($length) {
    $out_str = '';
    $p_chars = "AGHACEFHJKRSTVXY124579aghacefhjkrstvxy"; // can be any set of characters
    while (strlen($out_str) < $length) {
        $out_str.= $p_chars{rand() % (strlen($p_chars))};
    }
    return $out_str;
}

$your_variable = genText(8);

array_rand password

3 Answers3