Creating random passwords for users.

A collegue of mine was complaining to me that he had to create accounts for 750 people on a mix of Solaris and Linux systems where he works. And he had to do it within a couple of days.

Given that he had the names and account ids in a comma delimited file all he needed was to create the accounts and send the passwords to the account owners. But where in the world was he coming up with all those passwords?

Part of the issue was on one store for account information they use SALT encryption and on the other they use MD5 passwords.

This is by no means the only way to do it but it was something I whipped up in less than 20 minutes to solve the problem. Hope this may be of some service to the next person.

A lot of extra code was left out of this for clarity sake. Some of the logic I left out was:

The actual code to generate the accounts over SSH on the various systems, including the home directories and default profiles
There was also a mapping of users==>applications that determined which profile their account was populated with
MIME::Lite to send the email to the new users. Been done to death.

A couple of caveats

This doesn't run blazingly fast due to the fact that the code ends up making multiple trips through the dictionary file while picking a password. Also the CPAN:://Tie::File tie is tied and untied multiple times with some overhead involved.
Your definition of where the dictionary file may change depending on your system.

#!/usr/bin/perl -w
######################################################################
+##
 
use strict;
use Tie::File;
use Fcntl 'O_RDONLY';
use Digest::MD5 qw(md5_hex);
use Data::Dumper;
 
print Dumper(random_password()),"\n" foreach 0..4;
 
 
exit(0);
 
 
sub random_password {
    my @punct= qw/ ; : + = % $ ! . /;
    my $retval={};
 
     
    my $word1 = select_a_word();
    my $word2 = select_a_word();
 
 
    my $plain_text= $word1 . $punct[rand($#punct)+1] . $word2;
     
    $retval->{plain_text}=$plain_text;
    $retval->{md5_hash} = md5_hex($plain_text);
    $retval->{crypt} = crypt($plain_text,pass_the_salt());
 
    return  $retval;
 
 
}
 
sub pass_the_salt {
    my @salt_lick = ( 'a'..'z' );
    return $salt_lick[rand($#salt_lick)+1] . $salt_lick[rand($#salt_li
+ck)+1];
}
 
sub select_a_word {
    my @words=();
    tie @words,"Tie::File","/usr/share/dict/linux.words",mode=>O_RDONL
+Y
        or die $!;
 
    my $word = $words[rand($#words)];
    $word =~ tr /A-Z/a-z/;
 
    untie @words;
 
    if (length($word) > 6 ) {
        return select_a_word();
    } eles {
        return $word;
    }
 
 
}
[download]

Comment on Creating random passwords for users. Download Code

Replies are listed 'Best First'.
Re: Creating random passwords for users. by b10m (Vicar) on Nov 04, 2005 at 09:29 UTC
Of course there are a billion ways to generate random passwords, yet I always tend to like the output of Crypt::PassGen: "Crypt::PassGen - Generate a random password that looks like a real word" -- b10m All code is usually tested, but rarely trusted.	[reply]
Re: Creating random passwords for users. by sauoq (Abbot) on Nov 04, 2005 at 09:51 UTC
I use Crypt::GeneratePassword. -sauoq "My two cents aren't worth a dime.";	[reply]
Re: Creating random passwords for users. by Perl Mouse (Chaplain) on Nov 04, 2005 at 10:55 UTC
Eew. For each password, you tie a list of words using Tie::File at least twice - only to extract a single word each time. In order to do so, you have to read the entire file (if only to determine the number of lines). And you recurse if the word you pick is too long. While you'll save some memory, this isn't going to be efficient. I'd write `select_a_word` as: `my @words; INIT { open my $wh, "<", "/usr/share/dict/linux.words" or die; @words = grep {6 > length} <$wh>; close $wh or die; } sub select_a_word {lc $words[rand @words]}` [download] But then, I wouldn't use your snippet, if only for the fact it can generate passwords not longer than 5 characters. Your number of possible salts is also low, 676 instead of the 4096 possibilities most systems allow for. Finally, I'd use 'crypt' to generate both sets of passwords, as my system knows whether to use DES or MD5 based on the salt being used. (DES takes a 2 character salt, MD5 an 8 character salt, preceeded with '$1$', and (optionally) followed by a '$', giving 11 or 12 characters to pass into 'crypt'). But not every system will do so. `Perl --((8:>*`	[reply] [d/l]
Re^2: Creating random passwords for users. by blue_cowdawg (Monsignor) on Nov 04, 2005 at 13:22 UTC
Eew. For each password, you tie a list of words using Tie::File at least twice - only to extract a single word each time. In order to do so, you have to read the entire file (if only to determine the number of lines). And you recurse if the word you pick is too long. Please Note: I did mention something about that as being one of the weaknesses of the design. I would certainly come up with a better way if I were to use this in a "more permanent" fashion. I'm not sure that slurping all the files into memory is the answer either. Peter L. Berghold -- Unix Professional Peter -at- Berghold -dot- Net; AOL IM redcowdawg Yahoo IM: blue_cowdawg	[reply]