Tip for generating passwords/serial numbers

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
The recent thread in generating PINs reminded me:

Suppose I want to give someone a random password or ID then this is what  
I do:
(1) Generate a hash, eg. MD5 form something, possibly a random number.  
This gives a string in hex.
(2) Truncate it to the required number of characters

(3) Substitute the characters 0,1,5,8,B,C with eg h,k,p,r,t,w,x,y.
eg "AB15708" might become "AKTX7YH"

THE REASON is that O/0 1/l 5/S 8/B c/C can be mis-read.  (Also M and N  
are not suitable substitutes as if they are read over the phone are  
easily confused. )

Personally for 1-off numbers I prefer to have a longer string and use  
all upper case but for passwords use mixed case and shorter string to  
encourage users to mix their case when they pick their own.

PETER FOX Not the same since the submarine business went under
2 Tees Close, Witham, Essex.
Gravity beer in Essex  <http://www.eminent.demon.co.uk

Re: Tip for generating passwords/serial numbers

*** Peter Fox wrote/escribió (Tue, 2 Aug 2005 09:54:31 +0100):
Quoted text here. Click to load it

It's a very complicate algorithm to just produce a password that will only
use 16 different characters, isn't it?

http://es.php.net/mt_rand (check the user notes for examples)

-- Álvaro G. Vicario - Burgos, Spain
-- http://bits.demogracia.com - Mi sitio sobre programación web
-- Don't e-mail me your questions, post them to the group

Re: Tip for generating passwords/serial numbers

Peter Fox contained the following:

Quoted text here. Click to load it

hmm, not very memorable though.

Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/

Site Timeline