Generating a random password in php

2019-01-02 19:09发布

站内问答 / PHP
665 22 5

I am trying to generate a random password in php.

However I am getting all 'a's and the return type is of type array and I would like it to be a string. Any ideas on how to correct the code?

Thanks.

function randomPassword() {
    $alphabet = "abcdefghijklmnopqrstuwxyzABCDEFGHIJKLMNOPQRSTUWXYZ0123456789";
    for ($i = 0; $i < 8; $i++) {
        $n = rand(0, count($alphabet)-1);
        $pass[$i] = $alphabet[$n];
    }
    return $pass;
}

22条回答
宁负流年不负卿
2楼-- · 2019-01-02 20:10

Your best bet is the RandomLib library by ircmaxell.

Usage example:

$factory = new RandomLib\Factory;
$generator = $factory->getGenerator(new SecurityLib\Strength(SecurityLib\Strength::MEDIUM));

$passwordLength = 8; // Or more
$randomPassword = $generator->generateString($passwordLength);

It produces strings which are more strongly random than the normal randomness functions like shuffle() and rand() (which is what you generally want for sensitive information like passwords, salts and keys).

查看更多
0人赞 添加讨论(0) 举报
高级女魔头
3楼-- · 2019-01-02 20:11
  1. Create a file with this code in it.

  2. Call it like in the comments.

    <?php 

/**
* @usage  :
*       include_once($path . '/Password.php');
*       $Password = new Password;
*       $pwd = $Password->createPassword(10);
*       return $pwd;
* 
*/

class Password {

    public function createPassword($length = 15) {
        $response = [];
        $response['pwd'] = $this->generate($length);
        $response['hashPwd'] = $this->hashPwd( $response['pwd'] );
        return $response;
    }

    private function generate($length = 15) {
        $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*(){}/?,><";
        return substr(str_shuffle($chars),0,$length);
    }

    private function hashPwd($pwd) {
        return hash('sha256', $pwd);
    }

}

?>
查看更多
0人赞 添加讨论(0) 举报
永恒的永恒
4楼-- · 2019-01-02 20:12

Security warning: rand() is not a cryptographically secure pseudorandom number generator. Look elsewhere for generating a cryptographically secure pseudorandom string in PHP.

Try this (use strlen instead of count, because count on a string is always 1):

function randomPassword() {
    $alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890';
    $pass = array(); //remember to declare $pass as an array
    $alphaLength = strlen($alphabet) - 1; //put the length -1 in cache
    for ($i = 0; $i < 8; $i++) {
        $n = rand(0, $alphaLength);
        $pass[] = $alphabet[$n];
    }
    return implode($pass); //turn the array into a string
}

Demo: http://codepad.org/UL8k4aYK

查看更多
0人赞 添加讨论(0) 举报
萌妹纸的霸气范
5楼-- · 2019-01-02 20:13

Use this simple code for generate med-strong password 12 length 

$password_string = '!@#$%*&abcdefghijklmnpqrstuwxyzABCDEFGHJKLMNPQRSTUWXYZ23456789';
$password = substr(str_shuffle($password_string), 0, 12);
查看更多
0人赞 添加讨论(0) 举报
上一页 1 2 3 4
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)