Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
A user friendly, strong password generator PHP function.
<?PHP
// Generates a strong password of N length containing at least one lower case letter,
// one uppercase letter, one digit, and one special character. The remaining characters
// in the password are chosen at random from those four sets.
//
// The available characters in each set are user friendly - there are no ambiguous
// characters such as i, l, 1, o, 0, etc. This, coupled with the $add_dashes option,
// makes it much easier for users to manually type or speak their passwords.
//
// Note: the $add_dashes option will increase the length of the password by
// floor(sqrt(N)) characters.
function generateStrongPassword($length = 9, $add_dashes = false, $available_sets = 'luds')
{
$sets = array();
if(strpos($available_sets, 'l') !== false)
$sets[] = 'abcdefghjkmnpqrstuvwxyz';
if(strpos($available_sets, 'u') !== false)
$sets[] = 'ABCDEFGHJKMNPQRSTUVWXYZ';
if(strpos($available_sets, 'd') !== false)
$sets[] = '23456789';
if(strpos($available_sets, 's') !== false)
$sets[] = '!@#$%&*?';
$all = '';
$password = '';
foreach($sets as $set)
{
$password .= $set[array_rand(str_split($set))];
$all .= $set;
}
$all = str_split($all);
for($i = 0; $i < $length - count($sets); $i++)
$password .= $all[array_rand($all)];
$password = str_shuffle($password);
if(!$add_dashes)
return $password;
$dash_len = floor(sqrt($length));
$dash_str = '';
while(strlen($password) > $dash_len)
{
$dash_str .= substr($password, 0, $dash_len) . '-';
$password = substr($password, $dash_len);
}
$dash_str .= $password;
return $dash_str;
}
@PetterS

This comment has been minimized.

Show comment Hide comment
@PetterS

PetterS May 8, 2012

It would be more "user friendly" if it generated passwords from a list of words.

http://xkcd.com/936/ :-)

PetterS commented May 8, 2012

It would be more "user friendly" if it generated passwords from a list of words.

http://xkcd.com/936/ :-)

@annoyingmouse

This comment has been minimized.

Show comment Hide comment
@annoyingmouse

annoyingmouse Jul 25, 2014

Excellent - thank you!

Excellent - thank you!

@gopal1035

This comment has been minimized.

Show comment Hide comment
@gopal1035

gopal1035 Aug 6, 2014

Thank you.

Thank you.

@witul

This comment has been minimized.

Show comment Hide comment
@witul

witul Aug 20, 2014

Thanks :)

witul commented Aug 20, 2014

Thanks :)

@guidokritz

This comment has been minimized.

Show comment Hide comment
@guidokritz

guidokritz Sep 12, 2014

Great. Thanks!

Great. Thanks!

@jabaru

This comment has been minimized.

Show comment Hide comment
@jabaru

jabaru Nov 20, 2014

thanks

jabaru commented Nov 20, 2014

thanks

@InforMedic

This comment has been minimized.

Show comment Hide comment
@InforMedic

InforMedic Mar 26, 2015

thx a lot!!

thx a lot!!

@StanleyNguma

This comment has been minimized.

Show comment Hide comment
@StanleyNguma

StanleyNguma Mar 31, 2015

Great Code

Great Code

@Shifrin

This comment has been minimized.

Show comment Hide comment
@marklockhart

This comment has been minimized.

Show comment Hide comment
@marklockhart

marklockhart Jun 18, 2015

Good work, thanks for the function

Good work, thanks for the function

@kildeby

This comment has been minimized.

Show comment Hide comment
@kildeby

kildeby Jun 30, 2015

I can't seem to make it display the password? How do I use it?

  • nevermind, I found out. Just sharing -> add:

@Shifrin: Your solution does not require a BIG LETTER, a small letter, a number (0-9) and a special character, which makes your password very much stronger.

kildeby commented Jun 30, 2015

I can't seem to make it display the password? How do I use it?

  • nevermind, I found out. Just sharing -> add:

@Shifrin: Your solution does not require a BIG LETTER, a small letter, a number (0-9) and a special character, which makes your password very much stronger.

@paragonie-scott

This comment has been minimized.

Show comment Hide comment
@paragonie-scott

paragonie-scott Oct 21, 2015

Head's up: This gist is not secure. Neither array_rand() nor str_shuffle() are cryptographically secure.

Recommended reading: How to generate secure passwords in PHP.

Head's up: This gist is not secure. Neither array_rand() nor str_shuffle() are cryptographically secure.

Recommended reading: How to generate secure passwords in PHP.

@jasonglisson

This comment has been minimized.

Show comment Hide comment
@jasonglisson

jasonglisson Jun 27, 2016

This is great! I needed the ability to force the use of certain characters to make the password. hanks! Good work!

This is great! I needed the ability to force the use of certain characters to make the password. hanks! Good work!

@janlueders

This comment has been minimized.

Show comment Hide comment
@janlueders

janlueders Aug 12, 2016

thanks

thanks

@Xwalk-Company

This comment has been minimized.

Show comment Hide comment
@Xwalk-Company

Xwalk-Company Sep 9, 2016

thks

thks

@spurgeonbj

This comment has been minimized.

Show comment Hide comment
@spurgeonbj

spurgeonbj Sep 14, 2016

God bless you!

God bless you!

@hsali

This comment has been minimized.

Show comment Hide comment
@hsali

hsali Oct 23, 2016

a good script.

hsali commented Oct 23, 2016

a good script.

@0ngsh

This comment has been minimized.

Show comment Hide comment
@0ngsh

0ngsh Nov 8, 2016

Thanks,Very Useful

0ngsh commented Nov 8, 2016

Thanks,Very Useful

@sarment0

This comment has been minimized.

Show comment Hide comment
@sarment0

sarment0 Nov 25, 2016

Good work!

Good work!

@AlkarE

This comment has been minimized.

Show comment Hide comment
@AlkarE

AlkarE Jun 9, 2017

Thanks a lot!

AlkarE commented Jun 9, 2017

Thanks a lot!

@caionorder

This comment has been minimized.

Show comment Hide comment
@caionorder

caionorder Jun 30, 2017

thanks!

thanks!

@offixer

This comment has been minimized.

Show comment Hide comment
@marufnajm

This comment has been minimized.

Show comment Hide comment
@marufnajm

marufnajm Sep 21, 2017

A very good script. Thank you so much.

A very good script. Thank you so much.

@at-quannguyen

This comment has been minimized.

Show comment Hide comment
@at-quannguyen

at-quannguyen Nov 6, 2017

thank you 👍

thank you 👍

@SigmaOne

This comment has been minimized.

Show comment Hide comment
@SigmaOne

SigmaOne Nov 20, 2017

Thank you dude! vk.com here)

SigmaOne commented Nov 20, 2017

Thank you dude! vk.com here)

@pishgahi

This comment has been minimized.

Show comment Hide comment
@pishgahi

pishgahi Dec 16, 2017

thank you

thank you

@fabbro79

This comment has been minimized.

Show comment Hide comment
@fabbro79

fabbro79 Dec 28, 2017

thanks!

thanks!

@compermisos

This comment has been minimized.

Show comment Hide comment
@compermisos

compermisos Jan 2, 2018

make a forked version of this script, whit some improvments in crypt functions

https://gist.github.com/compermisos/cf11aed742d2e1fbd994e083b4b0fa78

make a forked version of this script, whit some improvments in crypt functions

https://gist.github.com/compermisos/cf11aed742d2e1fbd994e083b4b0fa78

@zoulema

This comment has been minimized.

Show comment Hide comment
@zoulema

zoulema Feb 14, 2018

great

zoulema commented Feb 14, 2018

great

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment