in reply to Unit Testing Non-Deterministic Behaviors

This depends on how you pick the word from the file and create the number, but if you use rand for both, Test::MockRandom may be a good solution for you. Essentially, this allows you to override rand in the tested module and make it return known results which you can test for.

Just as a note, IMO a random word from a file with a number stuck at the end is a pretty horrible password generator and will almost certainly produce some easily guessable passwords over time. This is in addition to the oft-repeated mistake of sending a cleartext password through unencrypted mail. It would be better to generate a random string to send to the user for logging on once to enter a password of his own (advising some best practices on password generation on the same page).


All dogma is stupid.
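
An added example, not part of the original post and not the poster's code: pinning rand with Test::MockRandom so that a word-plus-number generator like the one discussed here gives known results in a test. The package TempPass, its generate function and the three-word list are assumptions made up for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Load before the code under test is compiled, so that rand inside
# TempPass resolves to the mock instead of the built-in.
use Test::MockRandom 'TempPass';
use Test::More tests => 3;

{
    # Hypothetical module under test (assumption, not the poster's code).
    package TempPass;

    # Constructed word list standing in for the word file.
    our @WORDS = qw(apple river stone);

    # Word plus three digits, both drawn with rand. Perl's rand is not
    # cryptographically secure, so this only illustrates the testing
    # technique; the thread's advice is a random one-time string.
    sub generate {
        my $word = $WORDS[ int( rand( scalar @WORDS ) ) ];
        return sprintf '%s%03d', $word, int( rand(1000) );
    }
}

# srand queues the values that the following rand calls return, in order.
srand( 0, 0.5 );
is( TempPass::generate(), 'apple500', 'first word, middle number' );

# oneish() is just below 1: checks the top of both ranges for off-by-one.
srand( oneish(), oneish() );
is( TempPass::generate(), 'stone999', 'upper boundary stays in range' );

srand( 0.34, 0.0071 );
is( TempPass::generate(), 'river007', 'number is zero-padded' );
```

The explicit `scalar` and parentheses around the rand arguments keep the call unambiguous whether rand is the built-in or the mocked sub.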

Re^2: Unit Testing Non-Deterministic Behaviors
by ww (Archbishop) on Jun 11, 2007 at 10:41 UTC

    Semi-OT, but PLEASE, read tirwhan's second paragraph over... and over again!!! And then, if necessary, read up on dictionary-based attacks.

    Yes, I noted your comment that this is preliminary and hope that it means you really have no intention of doing the job this way, but -- even if so -- to future casual readers, please re-read and heed tirwhan's second paragraph again.

    Unless the "words" in the input file are themselves random strings, using them and appending three digits is about as safe as using the "Captain Midnight decoder ring" that I so desired, ca. 1948... back when it cost a boxtop from Chex (which I don't think were called Chex, then) and a dime (no self-addressed envelope required).

Re^2: Unit Testing Non-Deterministic Behaviors
by friedo (Prior) on Jun 11, 2007 at 14:58 UTC
    Thanks, tirwhan, I think Test::MockRandom will be helpful in this case. And yes, the user is required to change their password to something good after logging in with the temporary password.

      ..the user is required to change their password to something good after logging in with the temporary password.

      Great, but in that case it is even less necessary to generate the new password using existing words. The only valid rationale for using passwords containing real-language words is that the user is more likely to remember them and less likely to write them down and stick them to his monitor or store them on his computer somewhere. Since your newly generated password is only used once (to allow the user to set his own pw), there is no need for him/her to remember it and it might as well be a jumble of random letters.


      All dogma is stupid.