Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
A user friendly, strong password generator PHP function.
<?PHP
// Generates a strong password of N length containing at least one lower case letter,
// one uppercase letter, one digit, and one special character. The remaining characters
// in the password are chosen at random from those four sets.
//
// The available characters in each set are user friendly - there are no ambiguous
// characters such as i, l, 1, o, 0, etc. This, coupled with the $add_dashes option,
// makes it much easier for users to manually type or speak their passwords.
//
// Note: the $add_dashes option will increase the length of the password by
// floor(sqrt(N)) characters.
function generateStrongPassword($length = 9, $add_dashes = false, $available_sets = 'luds')
{
$sets = array();
if(strpos($available_sets, 'l') !== false)
$sets[] = 'abcdefghjkmnpqrstuvwxyz';
if(strpos($available_sets, 'u') !== false)
$sets[] = 'ABCDEFGHJKMNPQRSTUVWXYZ';
if(strpos($available_sets, 'd') !== false)
$sets[] = '23456789';
if(strpos($available_sets, 's') !== false)
$sets[] = '!@#$%&*?';
$all = '';
$password = '';
foreach($sets as $set)
{
$password .= $set[array_rand(str_split($set))];
$all .= $set;
}
$all = str_split($all);
for($i = 0; $i < $length - count($sets); $i++)
$password .= $all[array_rand($all)];
$password = str_shuffle($password);
if(!$add_dashes)
return $password;
$dash_len = floor(sqrt($length));
$dash_str = '';
while(strlen($password) > $dash_len)
{
$dash_str .= substr($password, 0, $dash_len) . '-';
$password = substr($password, $dash_len);
}
$dash_str .= $password;
return $dash_str;
}
@PetterS

This comment has been minimized.

Copy link

commented May 8, 2012

It would be more "user friendly" if it generated passwords from a list of words.

http://xkcd.com/936/ :-)

@annoyingmouse

This comment has been minimized.

Copy link

commented Jul 25, 2014

Excellent - thank you!

@ghost

This comment has been minimized.

Copy link

commented Aug 6, 2014

Thank you.

@witul

This comment has been minimized.

Copy link

commented Aug 20, 2014

Thanks :)

@guidokritz

This comment has been minimized.

Copy link

commented Sep 12, 2014

Great. Thanks!

@ghost

This comment has been minimized.

Copy link

commented Nov 20, 2014

thanks

@InforMedic

This comment has been minimized.

Copy link

commented Mar 26, 2015

thx a lot!!

@StanleyNguma

This comment has been minimized.

Copy link

commented Mar 31, 2015

Great Code

@Shifrin

This comment has been minimized.

Copy link

commented May 3, 2015

@marklockhart

This comment has been minimized.

Copy link

commented Jun 18, 2015

Good work, thanks for the function

@kildeby

This comment has been minimized.

Copy link

commented Jun 30, 2015

I can't seem to make it display the password? How do I use it?

  • nevermind, I found out. Just sharing -> add:

@Shifrin: Your solution does not require a BIG LETTER, a small letter, a number (0-9) and a special character, which makes your password very much stronger.

@paragonie-scott

This comment has been minimized.

Copy link

commented Oct 21, 2015

Head's up: This gist is not secure. Neither array_rand() nor str_shuffle() are cryptographically secure.

Recommended reading: How to generate secure passwords in PHP.

@jasonglisson

This comment has been minimized.

Copy link

commented Jun 27, 2016

This is great! I needed the ability to force the use of certain characters to make the password. hanks! Good work!

@ghost

This comment has been minimized.

Copy link

commented Aug 12, 2016

thanks

@Xwalk-Company

This comment has been minimized.

Copy link

commented Sep 9, 2016

thks

@spurgeonbj

This comment has been minimized.

Copy link

commented Sep 14, 2016

God bless you!

@hsali

This comment has been minimized.

Copy link

commented Oct 23, 2016

a good script.

@0ngsh

This comment has been minimized.

Copy link

commented Nov 8, 2016

Thanks,Very Useful

@sarment0

This comment has been minimized.

Copy link

commented Nov 25, 2016

Good work!

@AlkarE

This comment has been minimized.

Copy link

commented Jun 9, 2017

Thanks a lot!

@caionorder

This comment has been minimized.

Copy link

commented Jun 30, 2017

thanks!

@offixer

This comment has been minimized.

@marufnajm

This comment has been minimized.

Copy link

commented Sep 21, 2017

A very good script. Thank you so much.

@ghost

This comment has been minimized.

Copy link

commented Nov 6, 2017

thank you 👍

@SigmaOne

This comment has been minimized.

Copy link

commented Nov 20, 2017

Thank you dude! vk.com here)

@pishgahi

This comment has been minimized.

Copy link

commented Dec 16, 2017

thank you

@fabbro79

This comment has been minimized.

Copy link

commented Dec 28, 2017

thanks!

@compermisos

This comment has been minimized.

Copy link

commented Jan 2, 2018

make a forked version of this script, whit some improvments in crypt functions

https://gist.github.com/compermisos/cf11aed742d2e1fbd994e083b4b0fa78

@zoulema

This comment has been minimized.

Copy link

commented Feb 14, 2018

great

@darek334

This comment has been minimized.

Copy link

commented May 11, 2018

See my implementation works with all chars languages.

@DonPramis

This comment has been minimized.

Copy link

commented Aug 10, 2018

Here is easy https://www.dohangout.com/forum/viewtopic.php?f=23&t=333 no need to create password. 14 million password. Enjoy

@DonPramis

This comment has been minimized.

Copy link

commented Aug 26, 2018

I generate mine like this... http://tools.webbatlas.com but i need to include few symbols on this project

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.