Random password generator

Forum for things that doesn't really have anything to do with hMailServer. Such as php.ini, beer, etc etc.
Post Reply
palinka
Senior user
Senior user
Posts: 2180
Joined: 2017-09-12 17:57

Random password generator

Post by palinka » 2020-09-23 13:08

I know there are tons of these on the interwebs, but I was bored last night so I made one. Maybe its useful to someone. Maybe even me. :lol:

Demo here: https://firewallban.dynu.net/pw/

PHP:

Code: Select all

<!DOCTYPE html> 
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1">
</head>
<body>
	<h1>Random Password Generator</h1><br><br>
	

	<?php
		function randomPassword($alphabet, $pwlen) {
			$pass = array(); 
			$alphaLength = strlen($alphabet) - 1; 
			for ($i = 0; $i < $pwlen; $i++) {
				$n = rand(0, $alphaLength);
				$pass[] = $alphabet[$n];
			}
			return implode($pass); 
		}
		
		function validatepassword($pw){
			global $alphalo;
			global $alphahi;
			global $numeric;
			global $symbol1;
			global $symbol2;
			
			if ($alphalo) {if (preg_match('@[a-z]@', $pw)) {$alphalopm = true;} else {$alphalopm = false;}} else {$alphalopm = true;}
			if ($alphahi) {if (preg_match('@[A-Z]@', $pw)) {$alphahipm = true;} else {$alphahipm = false;}} else {$alphahipm = true;}
			if ($numeric) {if (preg_match('@[0-9]@', $pw)) {$numericpm = true;} else {$numericpm = false;}} else {$numericpm = true;}
			if ($symbol1) {if (preg_match('@[\+\-\_\=\!\#\$\&]@', $pw)) {$symbol1pm = true;} else {$symbol1pm = false;}} else {$symbol1pm = true;}
			if ($symbol2) {if (preg_match('@[\*\,\.\:\?\^\~\%]@', $pw)) {$symbol2pm = true;} else {$symbol2pm = false;}} else {$symbol2pm = true;}

			if ($alphalopm && $alphahipm && $numericpm && $symbol1pm && $symbol2pm){$pwvalid = true;} else {$pwvalid = false;}
			
			return $pwvalid;
		}	

		if (isset($_POST['pwlen'])){$pwlen = $_POST['pwlen'];} else {$pwlen = 12;}
		if (isset($_POST['alphalo'])){$alphalo = $_POST['alphalo'];} else {$alphalo = "";}
		if (isset($_POST['alphahi'])){$alphahi = $_POST['alphahi'];} else {$alphahi = "";}
		if (isset($_POST['numeric'])){$numeric = $_POST['numeric'];} else {$numeric = "";}
		if (isset($_POST['symbol1'])){$symbol1 = $_POST['symbol1'];} else {$symbol1 = "";}
		if (isset($_POST['symbol2'])){$symbol2 = $_POST['symbol2'];} else {$symbol2 = "";}

		?>
		
		<form action="#" method="post">
			<label for="pwlen">Password Length (between 5 and 128):</label>
			<input type="number" id="pwlen" name="pwlen" min="5" max="128" value="<?php echo $pwlen;?>"><br><br>
			<input type="checkbox" name="alphalo" value="abcdefghijklmnopqrstuvwxyz" <?php if ($alphalo){echo "checked";}?> >Alpha Lower Case</input><br>
			<input type="checkbox" name="alphahi" value="ABCDEFGHIJKLMNOPQRSTUVWXYZ" <?php if ($alphahi){echo "checked";}?> >Alpha Upper Case</input><br>
			<input type="checkbox" name="numeric" value="0123456789" <?php if ($numeric){echo "checked";}?> >Numeric</input><br>
			<input type="checkbox" name="symbol1" value="+-_=!#$&" <?php if ($symbol1){echo "checked";}?> >Symbols: +-_=!#$&</input><br>
			<input type="checkbox" name="symbol2" value="*,.:?^~%" <?php if ($symbol2){echo "checked";}?> >Symbols: *,.:?^~%</input><br><br>
			<input type="submit" name="submit" value="Submit"/>
		</form>
		<br><br>

		<?php

		if (!($alphalo || $alphahi || $numeric || $symbol1 || $symbol2)){
			echo "No password alphabet attributes selected. Please check at least one box above.";
		} else {
			$alphabet = $alphalo.$alphahi.$numeric.$symbol1.$symbol2;
			do {
				$pw = randomPassword($alphabet, $pwlen);
				if (validatepassword($pw)) {
					echo "Your randomly created password: <h1><span style='background-color:#FFFF00;font-weight:bold;'>".$pw."</span></h1>";
				}
			} while (!(validatepassword($pw)));
		}
	?>
</body>
</html>

palinka
Senior user
Senior user
Posts: 2180
Joined: 2017-09-12 17:57

Re: Random password generator

Post by palinka » 2020-10-02 20:47

I had a little fun with this. I installed two dictionaries into mysql.

One is a 300k+ English word dictionary. I use it to create random passphrases. Input the length of the word and the number of words and a random passphrase based on those criteria is created.
https://github.com/dwyl/english-words

The other dictionary is the top million common passwords. These passwords are also used for dictionary attacks. You can test your own password against this dictionary.
https://github.com/danielmiessler/SecLi ... redentials

I read somewhere that a supercomputer password cracker can test 3.5 billion passwords per second. So I made my criteria for "STRONG" passwords that supercomputer taking at least 100 years to crack the password. Using all available characters on an English keyboard (94), you would need at least a 10 character password to meet that criteria. :D

Anyway, fooling around in my free time. Something to ponder.

https://firewallban.dynu.net/pw/

Post Reply