Random password generation in bulk

Question

Random password generation in bulk

I use this source code to generate random passwords:

public string GetRandomPasswordUsingGUID(int length) { // Get the GUID string guidResult = System.Guid.NewGuid().ToString(); // Remove the hyphens guidResult = guidResult.Replace("-", string.Empty); // Make sure length is valid if (length <= 0 || length > guidResult.Length) throw new ArgumentException("Length must be between 1 and " + guidResult.Length); // Return the first length bytes return guidResult.Substring(0, length).ToUpper(); }

It works great when calling a method, but not in a for loop statement.

In this case, it generates several duplicate passwords, which is incorrect.

for example, for example:

 A4MNB597D7 AMGJCCC902 AWJ80CF6HX A78EDJECIW A78EDJECIW A78EDJECIW A78EDJECIW A78EDJECIW A2LYJCH23N A2LYJCH23N

How to create a random password in a "For" loop statement?

+4

c # passwords random asp.net

Mostafa May 31 '11 at 19:24

source share

5 answers

This is not an answer to the question specifically, but that is why your GUID solution will not work:

http://blogs.msdn.com/b/oldnewthing/archive/2008/06/27/8659071.aspx

+3

asawyer May 31 '11 at 19:28

source share

If you are going to generate random passwords in the assembly, I would strongly recommend not using "NewGuid ()", because based on the generation algorithm to create UUID segments, they are based on a unique time stamp of ~ 100 ms.

Take a look:

http://en.wikipedia.org/wiki/Universally_unique_identifier

You would be better off creating a lookup table of valid characters and use a static "random" object and indexing characters into a table based on the generated random number.

+2

Brandon moretz May 31 '11 at 19:28

source share

Ironically, you would have had better results if you used the last characters of your GUID, rather than the first.

To answer your question, just:

 private static Random rng=new Random(); private static string PasswordAlphabet="0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"; public string GetRandomPasswordUsingGUID(int length) { string result=""; while(length-->0) result+=PasswordAlphabet[rng.Next(PasswordAlphabet.Length)]; return result; }

+1

Blindy May 31 '11 at 19:29

source share

You can use the Asp.net membership class, which has a password generator built in. It is located in the System.Web.Security namespace in the System.Web dll.

 // Generate a new 12-character password with 1 non-alphanumeric character. string password = Membership.GeneratePassword(12, 1);

Read more here MSDN: Memberhip.GeneratePassword Method

+1

Alex KeySmith 24 sept '12 at 12:06

source share

blowdart · Accepted Answer · 2011-05-31T19:28:03+0000

GUIDs are not random, they are unique (in only one system). Even the random number generator has restrictions on it, the minimum and maximum values that it will return, and being truly random, means that you can get the same result again and again, you just can’t say.

Are you sure you mean random, not strong?

Xkcd http://xkcd.com/221/

So, now we have an idea that you want 500 -1000 unique passwords. I would question the need for uniqueness, as I assume they are for the user account, however ... (entered without using VS)

 List<string> passwords = new List<string>(); while (passwords.Length < 1000) { string generated = System.Web.Security.Membership.GeneratePassword( 10, // maximum length 3) // number of non-ASCII characters. if (!passwords.Contains(generated)) passwords.Add(generated); }

And then you will have a list of 1000 unique passwords that contain no more than 10 characters and 3 characters other than ASCII.

Random password generation in bulk

More articles: