in reply to Alpha/Numeric random generating

Restricting to alphanumerics, as your title suggests:

#!/usr/bin/perl
use warnings;
use strict;

use constant PWCHARS =>  ['0'..'9', 'A'..'Z', 'a'..'z'];
sub rand_char {
    PWCHARS->[rand @PWCHARS]
}

my $foo;
for (1..( ARGV[0] || 8 ) ) {
    $foo .= rand_char;
}
print $foo, $/;

[download]

This runs from the command line, with the number of characters desired as the first argument. The default is eight characters.

After Compline,
Zaxo

Replies are listed 'Best First'.
Re: Re: Alpha/Numeric random generating
by waswas-fng (Curate) on Nov 08, 2002 at 21:46 UTC
    If you will be generating completely random passwords like this you may want to remove "lI10O" from the PWCHARS as they tend to look alike when printed on screen depending on the font. =)

    -Waswas
[reply]
[d/l]
      Along these lines, adding some non-alphanumeric characters to the list will also make the passwords much more secure.

      And for the ultimate in security, throw in some extended Unicode ;-)
[reply]
        Along these lines, adding some non-alphanumeric characters to the list will also make the passwords much more secure.

        Actually, it won't. The seed space for most rand() implementations is only 32 bits. An 8-character lower-case password has a maximum of log(26)/log(2)*8 == 37.6 bits of entropy. That means it's already much easier to brute-force the pseudorandom number generator than to brute force the password directly. Adding upper case, numeric, and non-alphanumeric characters doesn't change this.

        In order to get enough randomness, you need to use something like Crypt::Random.

        use Crypt::Random "makerandom_itv";
@chars = map chr, ord("!")..ord("~");
$pass .= $chars[
    makerandom_itv(Lower=>0, Upper=>scalar(@chars))]
    for 1..8;
print $pass, "\n";

        [download]

        String::Random is nice, but it uses weak random number generation.

[reply]
[d/l]

In Section Seekers of Perl Wisdom