php doubts how to generate ten random password

Asked

Viewed 391 times

1

Hello, I have this code that looks like what I want. well it generate number from 1 to 10 and second type:
1
2
and there goes.

I wish instead of the number, it would generate random passwords
guy:
w3e4r5
g6t5e4
and there goes.

<?php 
for ($x = 1; $x <= 10; $x++) {
    echo "$x";
} 
?>

3 answers

4


The PHP 7 has a function called random_bytes that if you convert from binary to Hex, generates a string similar to what you want.

<?php
// Usando a função random_bytes do PHP 7
for ($x = 1; $x <= 10; $x++) 
{
    echo bin2hex(random_bytes(3)) . "<br>"; // gera uma string pseudo-randômica criptograficamente segura de 6 caracteres
} 
?>

Example of output(changes every time you run the script):

eb5a35
ce5121
d5c514
e4eec4
48d781
52367c
ae39cd
5ef0ff
dfe681
0ac13f

Reference: https://secure.php.net/manual/en/function.random-bytes.php


But if you still do not use PHP7 or did not like the option with hexadecimal used by the existing function in PHP7, an interesting technique that I saw in Stack Overflow in English and adapted here is with the use of str_shuffle, a function that randomly shuffles strings. This function is present in PHP from PHP 4.

<?php


// Usando str_shuffle (mistura strings aleatoriamente)
for ($x = 1; $x <= 10; $x++) 
{

    //Inclua todos os caracteres que gostaria que aparecessem nas strings geradas
    $caracteres_q_farao_parte = 'abcdefghijklmnopqrstuvwxyz0123456789';

    $password = substr( str_shuffle($caracteres_q_farao_parte), 0, 6 );     

    echo $password . "<br>";

} 


?>

Example of output(will come out different every time you run the script):

yc7dj6
g57rt0
prwgdn
hctvog
d2l0cq
r78fp1
0z6c4e
95m8fa
19bnx5
vyw8p6

Reference: http://php.net/manual/en/function.str-shuffle.php

  • 2

    If you are in PHP below 7 you can use the https://github.com/paragonie/random_compatimplementation to use the random_bytes, as described in the documentation, is the best option.

3

If you really care "exaggeratedly" safely use the Libsodium, it possesses both resources, to generate and to convert to hexadecimal, I am responding this based on what I answered here.

for($gerar = 10; $gerar > 0; $gerar--){
    echo \Sodium\bin2hex( \Sodium\randombytes_buf(3) );
}

The bin2hex original PHP, as answered by @Antonio Alexandre, is vulnerable to attacks side-Channel, as long as the \Sodium\bin2hex is more resistant and this type of attack.

0

Here is a solution

     function randomPassword() {
        $alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890';
        $pass = array(); 
        $alphaLength = strlen($alphabet) - 1; 
        for ($i = 0; $i < 8; $i++) {
            $n = rand(0, $alphaLength);
            $pass[] = $alphabet[$n];
        }
        return implode($pass); 
    }

  for ($x = 1; $x <= 10; $x++) {
      echo randomPassword() .'<br>';
    }

Browser other questions tagged

You are not signed in. Login or sign up in order to post.