Creating random Passwords - KiXtart.org

You are not logged in. [Log In] KiXtart.org website » Forums » KiXtart » Advanced Scripting » Creating random Passwords

Page 1 of 2

Topic Options

#70904 - 2002-10-16 07:29 PM Creating random Passwords
kncowans kncowans Getting the hang of it Registered: 2000-11-11 Posts: 98 Loc: Doncaster, UK	Hello I am trying to create a script that will create a random password based on the following: 2 Letters followed by 4 digits, i.e. QQ4763. Preferably the created password should be unique, i.e. the created password should be unique within every 200 created passwords. Any suggestions how I could achieve this from within KiXtart? Thanks in advance Kevin _________________________ Kevin Cowans Senior ICT Technician The Armthorpe School
Top

#70905 - 2002-10-16 07:40 PM Re: Creating random Passwords
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	There's a difference between should and must. How are you at gambling on random odds? _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#70906 - 2002-10-16 07:49 PM Re: Creating random Passwords
Jack Lothian Jack Lothian MM club member Registered: 1999-10-22 Posts: 1169 Loc: Ottawa,Ontario, Canada	It doesn't quite fit your requirements but I have a modified version of an excel macro that generates passwords based upon a list of user names. We use it to generate userids & passwords for about 1000 students when the accounts are initialized in september. It uses letters from the first & last name to generate the first 4 letters & 2 random numbers for the last 2. The sheet also generates unique user id. We found that giving user ID & passwords based upon a formula from the student names helps because students remember them. With completely random passwords we were getting too many requests for the passwords. Several a class - daily in fact. It comes from the MS Educational Communication Tool for NT server but we improved it. As for randomizing - just experiment with the kixtart random number generator. You can play with the seed as well. If you really want, writing your own random number genertor is not very hard. Lots of examples on the web but for what you want the internal kixtart function is probably fine. [ 16. October 2002, 19:53: Message edited by: Jack Lothian ] _________________________ Jack
Top

#70907 - 2002-10-16 07:51 PM Re: Creating random Passwords
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	You know, if you search the Scripts forum on the three words random password generator you get the following hits: Windows NT-2000 Strong Random Password Generator Change Network NT password from script (reply # KiX Algorithmic Password Generator (reply # 1) One more Password generator, and a very strange Random Password Generator I could have pasted the links but you might benefit from practicing the search yourself. _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#70908 - 2002-10-16 08:00 PM Re: Creating random Passwords
Sealeopard Sealeopard KiX Master Registered: 2001-04-25 Posts: 11165 Loc: Boston, MA, USA	You could also take a look at the KiXtart Manual and try to find RND() and SRND(). _________________________ There are two types of vessels, submarines and targets.
Top

#70909 - 2002-10-16 11:37 PM Re: Creating random Passwords
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11629 Loc: CA	And if you want to convert it to KiXtart... Incrementing an Alpha-Numeric Number http://www.15seconds.com/howto/pg001041.htm
Top

#70910 - 2002-10-18 12:55 AM Re: Creating random Passwords
Howard Bullock Howard Bullock KiX Supporter Registered: 2000-09-15 Posts: 5809 Loc: Harrisburg, PA USA	If you want a strong random password, check Win32Admin.DLL. See this link: http://www.kixtart.org/cgi-bin/ultimatebb.cgi?ubb=get_topic;f=13;t=000341 A strong password of varying length can be generated. _________________________ Home page: http://www.kixhelp.com/hb/
Top

#70911 - 2002-10-18 02:03 AM Re: Creating random Passwords
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11629 Loc: CA	Howard, Did you try this one from Bryce? Windows NT-2000 Strong Random Password Generator It DOES NOT allow numbers at the front or end of the value (as these are very easy for crackers like lopht to crack). It also only allows characters that can be typed on the keyboard (Dec 0 to Dec 127 of ASCII) You can select how many passwords you want, and how long they should be as well. Actually a pretty good algorithm. Does your code follow a similar pattern constraint? Here is a sample of the output from the script when set to get 50 passwords of 10 character length. code: Pkn}y9n-eG Ja~iwwCC-f u>@Ey6O)2y \|uX!\|KQMM% %]qV~HS[#a i)He(CUvt# ^zJb#?W0[# Y:_CI<-)Hr (<\BC7a`Iz b>FR\3&@>I b@6SN.pHE] lnvde}R46H QJYDO&d!St sA#.n"p^L\ C7CgSX&'i\ 'fkbB2CD, &k,q^=x=TL Cxv>7Ip\|d} B!$+ZT[j,% CWR6g`B!] '@WbQ&)XbO ]o8^@wZg'e uX#[B~#UXl LlP\D_#oDO po=[^?#k"U zhz1>X,ThS !yGr,p_w&! #10?&PXT4c b!Ro:1Q4vg L=kYlvs:(? nP;{8g"Kuo S4T>8YXy[f !E.~=J},kG )D9g\6of,. P2K<q'_cKB -AU9udfuT" hLfDrcc25H ,??qv;Uo(# !@4DIf&a@Z z,h=&[SR5n /Y.B?2CzTZ H:4=[{RT6? ip)NmRGsMA B7yx69(-H" H!R.R1kf2e ,x#8va5z .9.PVSKGxP nJ>tW^Nx^s FB\Y[6Q_;~ ]V5wWiX\./ [ 18. October 2002, 02:04: Message edited by: NTDOC ]
Top

#70912 - 2002-10-18 02:15 AM Re: Creating random Passwords
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	One of our systems has very specific reqs. Must be a minimum of 6 characters, to a maximum of 10 Must start with an alphabetical character Must contain at least one number Cannot have any repeating characters or number (i.e. 11 or aa or ff) Cannot contain special characters (i.e. ! @ # $ % ^ & * () + - \| \ = _ ‘ ; . , / ? ] [ } { ~ ` " ) Cannot be a function key (i.e. F1, F12, F5, etc.) It also remembers the last 48 (I think) of your old passwords. How's that for complicating a random password generator? I once had a 400 programmer working here that didn't like to change passwords. He wrote a proggy to cycle through a whole bunch of passwords in the hopes that he could reuse the one he wanted. My NetWare server foiled him because I put a 1 day retention on changes. That meant that he could only change his password once a day. That meant it would take him over a month before he could reuse his favorite password. [ 18. October 2002, 02:22: Message edited by: LLigetfa ] _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#70913 - 2002-10-18 02:25 AM Re: Creating random Passwords
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11629 Loc: CA	hmmm... by not using *@ # $ % ^ & () + - \| \ = _ ‘ ; . , / ? ] [ } { ~ ` "** That leaves the password NOT as secure as it could be. Allows a much smaller subset of values to crack. I'm sure Bryce might be able to modify it "fairly" easily to disallow those characters (not sure, as Bryce wrote it, not me.) Then remove the no "double" requirement and you have what you're looking for, or your AS400 folks are looking for. [ 18. October 2002, 02:27: Message edited by: NTDOC ]
Top

#70914 - 2002-10-18 02:27 AM Re: Creating random Passwords
Howard Bullock Howard Bullock KiX Supporter Registered: 2000-09-15 Posts: 5809 Loc: Harrisburg, PA USA	NTDOC, I use: 'A'..'H', 'K', 'M', 'N', 'P'..'R', 'T'..'Y', '!', '@', '#', '$', '%', '&', '*', 2..9, 'a'..'h', 'k', 'm', 'n', 'p'..'z' Certain troublesome items like "O" and "0", "1" and "l" have been left out so that user confusion can be minimized. The password length is specified as a parameter to the DLL function. If the length is 4 or greater then the password must be composed of at least 3 of the 4 character classes. This should be sufficient for most applications. [ 18. October 2002, 02:28: Message edited by: Howard Bullock ] _________________________ Home page: http://www.kixhelp.com/hb/
Top

#70915 - 2002-10-18 02:27 AM Re: Creating random Passwords
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	Yeah.. but 3 strikes.. you're out! No chance of brute force. _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#70916 - 2002-10-18 02:28 AM Re: Creating random Passwords
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11629 Loc: CA	Cool, Thanks for the update Howard. I agree those odd characters can be confusing even when seen on paper.
Top

#70917 - 2002-10-18 02:32 AM Re: Creating random Passwords
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	Are you fmiliar with the M$ passfilt.dll? http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/security/passfiltdll.asp I was giving this some thought. Would likely make me an unpopular fellow. Hmm, could I be any less popular? _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#70918 - 2002-10-18 02:34 AM Re: Creating random Passwords
Howard Bullock Howard Bullock KiX Supporter Registered: 2000-09-15 Posts: 5809 Loc: Harrisburg, PA USA	We have turned on strong passwords on our W2K infrastructure. No problems. We just told them that it was stronger security in the new Microsoft operating system. _________________________ Home page: http://www.kixhelp.com/hb/
Top

#70919 - 2002-10-18 02:35 AM Re: Creating random Passwords
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11629 Loc: CA	That is only for NT 4 Domains. It is part of the OS in Active Directory. You can select how strong you want it. We (Corporate) turned it on for us. You're right, the users HATE us for it, but it was not our decision.
Top

#70920 - 2002-10-18 02:41 AM Re: Creating random Passwords
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	Yeah, I know it's for NT4 which is what I'm running. I also know it's built into AD so will be crossing that bridge soon enough. As for more secure... the users revolt by writing their password on the front of their monitor. _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#70921 - 2002-10-18 03:01 AM Re: Creating random Passwords
Howard Bullock Howard Bullock KiX Supporter Registered: 2000-09-15 Posts: 5809 Loc: Harrisburg, PA USA	I also have code that generates passwords like Compuserve used to give out. Car@dog1 cat!jet9 etc... This code has an internal word file which can be superceded by an externally defined word file. I was considering adding this to the GenRandomPW function of Win32Admin.DLL and permitting the user to specify the type of password desired. _________________________ Home page: http://www.kixhelp.com/hb/
Top

#70922 - 2002-10-18 06:51 PM Re: Creating random Passwords
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11629 Loc: CA	Howard, I would actually be interested in seeing that code.
Top

#70923 - 2002-10-18 07:26 PM

Re: Creating random Passwords

Howard Bullock Offline

KiX Supporter

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA

code:

#------------------------------------------------------------------------------------------------------------
# Initialize @word for password generation
#------------------------------------------------------------------------------------------------------------
my @words;
&InitGenWordPW (\@words); 

sub InitGenWordPW (\@words)
{
   # This subroutine populates an array of words from an external file.
   # The array will be used by &GenWordPW to build an easier to remember PW
   # This subroutine is called once per program execution to minimize IO.
   my $WordsArrayRef = shift;

   my $wordfile = $RootPath . "\\..\\pwdata\\wordlist.txt";
   if (-e $wordfile)
   {
      &LogText($LogFile, "Password word list file found.");
      if (open (WORDFILE, $wordfile))
      {
         local $/;
         my $text = <WORDFILE>;
         $text =~ s/\W+/\n/g;
         @$WordsArrayRef = split /\n/,$text;
         close INFILE;
      }
      else
      {
         &LogText($LogFile, "Error opening $wordfile: $^E");
      }
    }
    else
    {
      &LogText($LogFile, "Password word list file NOT found: $wordfile");
    }
}

sub GenWordPW (\@words)
{
   # This subroutine generates a password that is easier to remember than GenRandomPW.
   # The format of the password is word1, punctuation, word2,  number  Ex: cat@dog1
   # The subroutine will first attempt to use an array that was populate externally by
   # &InitGenWordPW. If the array is empty then the subroutine will populate the array using
   # the words contained within the subroutine definition.

   my $WordsArrayRef = shift;
   my $password;
   if (scalar @$WordsArrayRef == 0)
   {
      &LogText($LogFile, "PW word array not populated. Using default word list.");
      @$WordsArrayRef = ('bird', 'cat' , 'dog', 'egg', 'pup', 'gas', 'pear', 'kiwi',
                        'bag', 'cap', 'oil', 'box', 'cup', 'jet', 'car', 'bus', 'zoo');
   }
   my @punc = ('!', '@', '#', '$', '%', '&', '*');
   my @num = (2..9);

   my $word1 = $$WordsArrayRef [rand (scalar @$WordsArrayRef)];
   my $punc = @punc [rand (scalar @punc)];
   my $word2 = $$WordsArrayRef [rand (scalar @$WordsArrayRef)];
   my $num = @num [rand (scalar @num)];

   if (($word1 && $punc && $word2 && $num) and (length($word1 . $punc . $word2 . $num) >= 8))
   {
      $password =  "$word1$punc$word2$num";
   }
   else
   {
      &LogText($LogFile, "GenWordPW failed to provide an acceptable PW (" . $word1 . $punc . $word2 . $num . ") Generating random PW.");
      $password = &GenRandomPW(6);
   }
   return $password;
}

_________________________
Home page: http://www.kixhelp.com/hb/

Top

Page 1 of 2

Previous Topic View All Topics

Index Next Topic

Moderator: Glenn Barnas, NTDOC, Arend_, Jochen, Radimus, Allen, ShaneEP, Ruud van Velsen, Mart

Hop to:

Shout Box

Search the board with:
superb Board Search
or try with google:

	Web kixtart.org