Create a gist now

Instantly share code, notes, and snippets.

Embed
A user friendly, strong password generator PHP function.
<?PHP
// Generates a strong password of N length containing at least one lower case letter,
// one uppercase letter, one digit, and one special character. The remaining characters
// in the password are chosen at random from those four sets.
//
// The available characters in each set are user friendly - there are no ambiguous
// characters such as i, l, 1, o, 0, etc. This, coupled with the $add_dashes option,
// makes it much easier for users to manually type or speak their passwords.
//
// Note: the $add_dashes option will increase the length of the password by
// floor(sqrt(N)) characters.
function generateStrongPassword($length = 9, $add_dashes = false, $available_sets = 'luds')
{
$sets = array();
if(strpos($available_sets, 'l') !== false)
$sets[] = 'abcdefghjkmnpqrstuvwxyz';
if(strpos($available_sets, 'u') !== false)
$sets[] = 'ABCDEFGHJKMNPQRSTUVWXYZ';
if(strpos($available_sets, 'd') !== false)
$sets[] = '23456789';
if(strpos($available_sets, 's') !== false)
$sets[] = '!@#$%&*?';
$all = '';
$password = '';
foreach($sets as $set)
{
$password .= $set[array_rand(str_split($set))];
$all .= $set;
}
$all = str_split($all);
for($i = 0; $i < $length - count($sets); $i++)
$password .= $all[array_rand($all)];
$password = str_shuffle($password);
if(!$add_dashes)
return $password;
$dash_len = floor(sqrt($length));
$dash_str = '';
while(strlen($password) > $dash_len)
{
$dash_str .= substr($password, 0, $dash_len) . '-';
$password = substr($password, $dash_len);
}
$dash_str .= $password;
return $dash_str;
}
@PetterS

This comment has been minimized.

Show comment
Hide comment
@PetterS

PetterS May 8, 2012

It would be more "user friendly" if it generated passwords from a list of words.

http://xkcd.com/936/ :-)

PetterS commented May 8, 2012

It would be more "user friendly" if it generated passwords from a list of words.

http://xkcd.com/936/ :-)

@annoyingmouse

This comment has been minimized.

Show comment
Hide comment
@annoyingmouse

annoyingmouse Jul 25, 2014

Excellent - thank you!

Excellent - thank you!

@ghost

This comment has been minimized.

Show comment
Hide comment
@ghost

ghost Aug 6, 2014

Thank you.

ghost commented Aug 6, 2014

Thank you.

@witul

This comment has been minimized.

Show comment
Hide comment
@witul

witul Aug 20, 2014

Thanks :)

witul commented Aug 20, 2014

Thanks :)

@guidokritz

This comment has been minimized.

Show comment
Hide comment
@guidokritz

guidokritz Sep 12, 2014

Great. Thanks!

Great. Thanks!

@ghost

This comment has been minimized.

Show comment
Hide comment
@ghost

ghost Nov 20, 2014

thanks

ghost commented Nov 20, 2014

thanks

@InforMedic

This comment has been minimized.

Show comment
Hide comment
@InforMedic

InforMedic Mar 26, 2015

thx a lot!!

thx a lot!!

@StanleyNguma

This comment has been minimized.

Show comment
Hide comment
@StanleyNguma

StanleyNguma Mar 31, 2015

Great Code

Great Code

@Shifrin

This comment has been minimized.

Show comment
Hide comment
@marklockhart

This comment has been minimized.

Show comment
Hide comment
@marklockhart

marklockhart Jun 18, 2015

Good work, thanks for the function

Good work, thanks for the function

@kildeby

This comment has been minimized.

Show comment
Hide comment
@kildeby

kildeby Jun 30, 2015

I can't seem to make it display the password? How do I use it?

  • nevermind, I found out. Just sharing -> add:

@Shifrin: Your solution does not require a BIG LETTER, a small letter, a number (0-9) and a special character, which makes your password very much stronger.

kildeby commented Jun 30, 2015

I can't seem to make it display the password? How do I use it?

  • nevermind, I found out. Just sharing -> add:

@Shifrin: Your solution does not require a BIG LETTER, a small letter, a number (0-9) and a special character, which makes your password very much stronger.

@paragonie-scott

This comment has been minimized.

Show comment
Hide comment
@paragonie-scott

paragonie-scott Oct 21, 2015

Head's up: This gist is not secure. Neither array_rand() nor str_shuffle() are cryptographically secure.

Recommended reading: How to generate secure passwords in PHP.

Head's up: This gist is not secure. Neither array_rand() nor str_shuffle() are cryptographically secure.

Recommended reading: How to generate secure passwords in PHP.

@jasonglisson

This comment has been minimized.

Show comment
Hide comment
@jasonglisson

jasonglisson Jun 27, 2016

This is great! I needed the ability to force the use of certain characters to make the password. hanks! Good work!

This is great! I needed the ability to force the use of certain characters to make the password. hanks! Good work!

@ghost

This comment has been minimized.

Show comment
Hide comment
@ghost

ghost Aug 12, 2016

thanks

ghost commented Aug 12, 2016

thanks

@Xwalk-Company

This comment has been minimized.

Show comment
Hide comment
@Xwalk-Company

Xwalk-Company Sep 9, 2016

thks

thks

@spurgeonbj

This comment has been minimized.

Show comment
Hide comment
@spurgeonbj

spurgeonbj Sep 14, 2016

God bless you!

God bless you!

@hsali

This comment has been minimized.

Show comment
Hide comment
@hsali

hsali Oct 23, 2016

a good script.

hsali commented Oct 23, 2016

a good script.

@0ngsh

This comment has been minimized.

Show comment
Hide comment
@0ngsh

0ngsh Nov 8, 2016

Thanks,Very Useful

0ngsh commented Nov 8, 2016

Thanks,Very Useful

@sarment0

This comment has been minimized.

Show comment
Hide comment
@sarment0

sarment0 Nov 25, 2016

Good work!

Good work!

@AlkarE

This comment has been minimized.

Show comment
Hide comment
@AlkarE

AlkarE Jun 9, 2017

Thanks a lot!

AlkarE commented Jun 9, 2017

Thanks a lot!

@caionorder

This comment has been minimized.

Show comment
Hide comment
@caionorder

caionorder Jun 30, 2017

thanks!

thanks!

@offixer

This comment has been minimized.

Show comment
Hide comment
@marufnajm

This comment has been minimized.

Show comment
Hide comment
@marufnajm

marufnajm Sep 21, 2017

A very good script. Thank you so much.

A very good script. Thank you so much.

@at-quannguyen

This comment has been minimized.

Show comment
Hide comment
@at-quannguyen

at-quannguyen Nov 6, 2017

thank you 👍

thank you 👍

@SigmaOne

This comment has been minimized.

Show comment
Hide comment
@SigmaOne

SigmaOne Nov 20, 2017

Thank you dude! vk.com here)

SigmaOne commented Nov 20, 2017

Thank you dude! vk.com here)

@pishgahi

This comment has been minimized.

Show comment
Hide comment
@pishgahi

pishgahi Dec 16, 2017

thank you

thank you

@fabbro79

This comment has been minimized.

Show comment
Hide comment
@fabbro79

fabbro79 Dec 28, 2017

thanks!

thanks!

@compermisos

This comment has been minimized.

Show comment
Hide comment
@compermisos

compermisos Jan 2, 2018

make a forked version of this script, whit some improvments in crypt functions

https://gist.github.com/compermisos/cf11aed742d2e1fbd994e083b4b0fa78

make a forked version of this script, whit some improvments in crypt functions

https://gist.github.com/compermisos/cf11aed742d2e1fbd994e083b4b0fa78

@zoulema

This comment has been minimized.

Show comment
Hide comment
@zoulema

zoulema Feb 14, 2018

great

zoulema commented Feb 14, 2018

great

@darek334

This comment has been minimized.

Show comment
Hide comment
@darek334

darek334 May 11, 2018

See my implementation works with all chars languages.

See my implementation works with all chars languages.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment