Password Generator Script
Hello,
I got bored so I made a password generator script in a few minutes. All you have to do is put these codes in the correct file names.
index.php
Code:
<html>
<head>
<title>Password Generator Script</title>
</head>
<body>
<h2>Password Generator</h2><br />
<form action="result.php" method="post" />Choose number<br />
<input type="text" name="number" /><br />
<input type="submit" value="Generate Password" />
</form>
</body>
</html>
result.php
PHP Code:
$number = $_POST['number'];
switch($number)
{
case 6:
$string = "abc123";
echo $string/2;
break;
case 7:
$string = "abc1234";
echo $string/2;
break;
case 8:
$string = "abcd1234";
echo $string/2;
break;
case 9:
$string = "abcd12345";
echo $string/2;
break;
case 10:
$string = "abcde12345";
echo $string/2;
break;
default:
echo 'Invalid number.';
}
$string_shuffled = str_shuffle($string);
echo $string_shuffled;
?>
Re: Password Generator Script
This is what will happen if you try to use one of these passwords:
http://i.imgur.com/IT4IF.jpg
Re: Password Generator Script
At least randomize the characters
Re: Password Generator Script
PHP has a str_shuffle function? That's news to me. For some reason, it makes me hate PHP just a little bit more. I mean... how hard is shuffling a string yourself? :/. Meh.
Anywho, I'ma definitely agree with jMerlin.
Re: Password Generator Script
Quote:
Originally Posted by
jMerliN
Why is that?
Quote:
Originally Posted by
Jash
At least randomize the characters
That's what str_shuffle() does. It takes the string and scrambles it.
Re: Password Generator Script
Quote:
Originally Posted by
Weytin
Why is that?
That's what str_shuffle() does. It takes the string and scrambles it.
When i said randomize the characters i don't mean scramble them. That means it doesn't have to contain only the characters a,b,c,d,1,2,3,4. The password string, when randomized correctly, should be capable of producing cryptographically secured random characters, something like UHas91NS, JS83NNw, 0SjIJ2ms, 92xm8Sd3. You get the idea.
By using your system, there will only be 6! + 7! + 8! + 9! + 10! possible combinations (assuming a cracker doesn't know the number of characters, but knows that there can only be 6 to 10 characters) which is rather easy to crack. However if you were to use a cryptographically secured random string, there will be 62^6 + 62^7 + 62^8 + 62^9 + 62^10 combinations.
If you compared the cryptographically secured random cryptosystem with your cryptosystem, it has 211270202026.6262640672055793% more combinations than your weak system. As a result, it requires an average of 211270202026.6262640672055793% more time to be cracked via brute forced as compared to your system, increasing it's complexity, making your system rather prone. To give you an idea of how bad it is, for every one password cracked in the cryptographically secured random cryptosystem, the same amount of computing power and time would have cracked 211270202026 passwords on your relatively weak cryptosystem.
Please note that the term "weak" here is not used offensively. It is merely a cryptography term that refers to a cryptosystem that can be easily broken with a complexity lower than brute force.
Re: Password Generator Script
I totally agree. I wasn't really trying my best with this.
Would I be able to do it by using a hash function? Going to try.
Re: Password Generator Script
I think what Jash meant is something like this:
Code:
<?php
function generateRandomString($Length)
{
$Characters = "abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()-+";
$Output = "";
for ($i = 0; $i < $Length; $i++)
{
$Output .= $Characters[rand(0, strlen($Characters) - 1)];
}
return $Output;
}
echo generateRandomString(10);
?>
Re: Password Generator Script
Thank guys. My PHP has improved.
Re: Password Generator Script
Written this a while back.
Code:
<?php
if(isset($_POST['gen']))
{
$charset = "abcdefghijklmnopqrstuvwxyz0123456789" . (($_POST['symbols']) ? "~`!@#$%^&*()_+-./?><:;][}{\|" : "");
if(empty($_POST['size1']) || empty($_POST['size2']))
die("Fill in the fields.");
if(!ctype_digit($_POST['size1']) || !ctype_digit($_POST['size2']))
die("Numbers only.");
$strLen = rand($_POST['size1'], $_POST['size2']);
for($i = 0; $i < $strLen; $i++)
{
$charNum = rand(0, strlen($charset));
$pass = $pass . $charset[$charNum];
}
echo $pass;
}
?>
<form action="" method="POST">
Password size between <input type="text" name="size1" size="1" /> characters and <input type="text" name="size2" size="1" />.<br />
<input type="checkbox" name="symbols" /> With symbols <br /> <br />
<input type="submit" name="gen" value="Generate" />
</form>