Random Password Generator

Passwords are like underwear

They should be changed often, not left in the open, and not shared with anyone…

So, need a quick, random password?

Well, here’s a script I wrote that generates a random password with a given number of characters, with the choice to select Upper case, Lower case, numbers and / or special characters.

It excludes characters that are easily confused (lower case l & number 1, capital O, number 0, etc).

Password will appear here.

Here’s the source code

Web Form:

<?php
  	ob_start(); //start gathering data. prevents buffer overflow
?>
<blockquote id="passwordBlock" style="border: solid 2px #888; padding: 15px; background-color: #ffffff; color: #000000; height: 35px;"><i>Password will appear here.</i></blockquote>
<!--display form for options. 'onkeyup' erases any non-numeric characters.-->
<form id="passwordGenerator" method="post" name="passwordGenerator">
<table>
<tbody>
<tr>
<td><input id="length" onkeyup="this.value=this.value.replace(/[^0-9]/g,'')" type="text" maxlength="2" name="length" size="2" value="8" /></td>
<td>number of characters (8+ for stronger passwords, 99 limit)</td>
</tr>
<tr>
<td align="right"><input id="useUpper" type="checkbox" checked="checked" name="useUpper" /></td>
<td>Use upper case characters: ABCDEFGHJKPQRSTUXYZ</td>
</tr>
<tr>
<td align="right"><input id="useLower" type="checkbox" checked="checked" name="useLower" /></td>
<td>Use lower case characters: abcdefghjkopqrstuxyz</td>
</tr>
<tr>
<td align="right"><input id="useNumbers" type="checkbox" checked="checked" name="useNumbers" /></td>
<td>Use numbers: 23456789</td>
</tr>
<tr>
<td align="right"><input id="useSpecialChars" type="checkbox" checked="checked" name="useSpecialChars" /></td>
<td>Use special characters: !@#$%()</td>
</tr>
<tr>
<td colspan="2" align="middle"><input id="generatePassword" onclick="javascript:attachFile('/randomPass-process.php?length=' + document.getElementById('length').value + '&amp;useUpper=' + document.getElementById('useUpper').checked + '&amp;useLower=' + document.getElementById('useLower').checked + '&amp;useNumbers=' + document.getElementById('useNumbers').checked + '&amp;useSpecialChars=' + document.getElementById('useSpecialChars').checked )" type="button" name="generatePassword" value="generate password" /></td>
</tr>
</tbody>
</table>
</form>
<?php
  	ob_end_flush(); //done gathering, let it all out!
?>

<?php

ob_start(); //start gathering data. prevents buffer overflow

<blockquote id="passwordBlock" style="border: solid 2px #888; padding: 15px; background-color: #ffffff; color: #000000; height: 35px;"><i>Password will appear here.</i></blockquote>

<table>

<tbody>

<tr>

<td>number of characters (8+ for stronger passwords, 99 limit)</td>

</tr>

<tr>

<td>Use upper case characters: ABCDEFGHJKPQRSTUXYZ</td>

</tr>

<tr>

<td>Use lower case characters: abcdefghjkopqrstuxyz</td>

</tr>

<tr>

<td>Use numbers: 23456789</td>

</tr>

<tr>

<td>Use special characters: !@#$%()</td>

</tr>

<tr>

</tr>

</tbody>

</table>

</form>

<?php

ob_end_flush(); //done gathering, let it all out!

randomPass-process.php:

<?php
ob_start();
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT\n"); //fix for IE caching first generated password
header( 'Content-Type: text/javascript' );

function fGenerateRandomPassword($length,$useUpperCase,$useLowerCase,$useNumbers,$useSpecialChars)
    {
    //define strings for each category
	$upperCase = "ABCDEFGHJKPQRSTUXYZ";
	$lowerCase = "abcdefghjkopqrstuxyz";
	$numbers = "23456789";
	$specialChars = "!@#$%()";

    //adds characters from category if selected
    $toUse = "";
    $countToUse = 0;
    if($useUpperCase == "true") { $toUse .= $upperCase; $countToUse++; }
    if($useLowerCase == "true") { $toUse .= $lowerCase; $countToUse++; }
    if($useNumbers == "true") { $toUse .= $numbers; $countToUse++; }
    if($useSpecialChars == "true") { $toUse .= $specialChars;  $countToUse++; }

    if($length < $countToUse) //if number entered is less that the count of selected character sets.
        {
        return "<i--><b>'number of characters'</b> can not be less than selection of characters to use.
";
        break;
        }

    //no errors, generate the password
    $password = "";
    for ($i = 0; $i &lt; $length; $i++)
        {
        $password .= $toUse[(rand() % strlen($toUse))];
        }

    //define the array to return
    $passwordArray[0] = $password;
    $passwordArray[1] = $upperCase;
    $passwordArray[2] = $lowerCase;
    $passwordArray[3] = $numbers;
    $passwordArray[4] = $specialChars;

    //check that the password contains at LEAST 1 character from each selected category
    $hasUpper = strpbrk($passwordArray[0],$passwordArray[1]);
    $hasLower = strpbrk($passwordArray[0],$passwordArray[2]);
    $hasNumber = strpbrk($passwordArray[0],$passwordArray[3]);
    $hasSpecChar = strpbrk($passwordArray[0],$passwordArray[4]);
    if(($useUpperCase == "true" &amp;&amp; $hasUpper == "") || ($useLowerCase == "true" &amp;&amp; $hasLower == "") || ($useNumbers == "true" &amp;&amp; $hasNumber == "") || ($useSpecialChars == "true" &amp;&amp; $hasSpecChar == ""))
        {
        return "FALSE";
        }

    //it contains everything it needs... return the password
    else
        {
        $password = "Your password is:
<b>".$passwordArray[0]."</b>";
        return $password;
        }
    }

do // get the password to display
    {
    $password = fGenerateRandomPassword($_GET['length'],$_GET['useUpper'],$_GET['useLower'],$_GET['useNumbers'],$_GET['useSpecialChars']);
    }
while($password=="FALSE") // until it's not returned as 'FALSE'

?>
document.getElementById('passwordBlock').innerHTML = '<?php echo $password; ?>';
<?php ob_end_flush(); ?>

<?php

ob_start();

header("Expires: Mon, 26 Jul 1997 05:00:00 GMT\n"); //fix for IE caching first generated password

header( 'Content-Type: text/javascript' );

function fGenerateRandomPassword($length,$useUpperCase,$useLowerCase,$useNumbers,$useSpecialChars)

{

//define strings for each category

$upperCase = "ABCDEFGHJKPQRSTUXYZ";

$lowerCase = "abcdefghjkopqrstuxyz";

$numbers = "23456789";

$specialChars = "!@#$%()";

//adds characters from category if selected

$toUse = "";

$countToUse = 0;

if($useUpperCase == "true") { $toUse .= $upperCase; $countToUse++; }

if($useLowerCase == "true") { $toUse .= $lowerCase; $countToUse++; }

if($useNumbers == "true") { $toUse .= $numbers; $countToUse++; }

if($useSpecialChars == "true") { $toUse .= $specialChars; $countToUse++; }

if($length < $countToUse) //if number entered is less that the count of selected character sets.

{

return "<i--><b>'number of characters'</b> can not be less than selection of characters to use.

break;

}

//no errors, generate the password

$password = "";

for ($i = 0; $i < $length; $i++)

{

$password .= $toUse[(rand() % strlen($toUse))];

}

//define the array to return

$passwordArray[0] = $password;

$passwordArray[1] = $upperCase;

$passwordArray[2] = $lowerCase;

$passwordArray[3] = $numbers;

$passwordArray[4] = $specialChars;

//check that the password contains at LEAST 1 character from each selected category

$hasUpper = strpbrk($passwordArray[0],$passwordArray[1]);

$hasLower = strpbrk($passwordArray[0],$passwordArray[2]);

$hasNumber = strpbrk($passwordArray[0],$passwordArray[3]);

$hasSpecChar = strpbrk($passwordArray[0],$passwordArray[4]);

if(($useUpperCase == "true" && $hasUpper == "") || ($useLowerCase == "true" && $hasLower == "") || ($useNumbers == "true" && $hasNumber == "") || ($useSpecialChars == "true" && $hasSpecChar == ""))

{

return "FALSE";

}

//it contains everything it needs... return the password

else

{

$password = "Your password is:

<b>".$passwordArray[0]."</b>";

return $password;

}

do // get the password to display

{

$password = fGenerateRandomPassword($_GET['length'],$_GET['useUpper'],$_GET['useLower'],$_GET['useNumbers'],$_GET['useSpecialChars']);

}

while($password=="FALSE") // until it's not returned as 'FALSE'

document.getElementById('passwordBlock').innerHTML = '<?php echo $password; ?>';

<?php ob_end_flush(); ?>