Generating a random password in php

by

Security warning: rand() is not a cryptographically secure pseudorandom number generator. Look elsewhere for generating a cryptographically secure pseudorandom string in PHP.

Try this (use strlen instead of count, because count on a string is always 1):

function randomPassword() {
    $alphabet="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890";
    $pass = array(); //remember to declare $pass as an array
    $alphaLength = strlen($alphabet) - 1; //put the length -1 in cache
    for ($i = 0; $i < 8; $i++) {
        $n = rand(0, $alphaLength);
        $pass[] = $alphabet[$n];
    }
    return implode($pass); //turn the array into a string
}

Demo

More Related Contents:

  1. Secure hash and salt for PHP passwords
  2. How can I store my users’ passwords safely?
  3. Two-way encryption: I need to store passwords that can be retrieved
  4. Secure random number generation in PHP
  5. How to best store user information and user login and password
  6. encrypt and decrypt md5
  7. How to create a laravel hashed password
  8. best practice to generate random token for forgot password
  9. Many hash iterations: append salt every time?
  10. Is it ever ok to store password in plain text in a php variable or php constant?
  11. a better approach than storing mysql password in plain text in config file?
  12. Generate cryptographically secure random numbers in php
  13. str_shuffle and randomness
  14. Unique key generation
  15. How to generate random password with PHP?
  16. xss attack on a php page
  17. How can I sanitize user input with PHP?
  18. How to create a secure mysql prepared statement in php?
  19. Simplest two-way encryption using PHP
  20. Generating random results by weight in PHP?
  21. Using PHP 5.5’s password_hash and password_verify function
  22. SQL injections in ADOdb and general website security
  23. In a PHP / Apache / Linux context, why exactly is chmod 777 dangerous?
  24. How to sanitze user input in PHP before mailing?
  25. How to create a random string using PHP?
  26. Efficiently pick n random elements from PHP array (without shuffle)
  27. How can I determine a file’s true extension/type programmatically?
  28. Set httpOnly and secure on PHPSESSID cookie in PHP
  29. Does PHP’s $_REQUEST method have a security problem?
  30. Json: PHP to JavaScript safe or not?

Leave a Comment