First off, your code is pretty darn long, highly inefficient, ugly, and can be shaped up a bit. But that's not why you are here. But I want you to understand -- when debugging bad code, it's harder to find the problem. Hence this is why (so far) no one has figured out what your problem is....we're lazy. Give us clean code, and we'll jump to the challenge!

My eyes immediately look to the placement of srand -- seed random number generator. This needs to be called at the top of the application, not inside the random_number function. Reseeding the random number generator between each call isn't good. In fact, it's a very bad idea for security reasons. The time xor'ing with the PID is something I haven't seen before, I assume you think there is a chance of a random number generator being started at the same time and you don't want them to coincide. I find this very odd for a database program -- so most likely this code was copied and pasted from somewhere. If it were me, I'd rewrite this whole thing from scratch. It's a maintainance problem and better password routines exist...much better routines that actually make sense to read.

Just guessing here, but I bet you are feeding the same value to srand every time. Check it out.