Skip to content

Instantly share code, notes, and snippets.

Created August 12, 2010 21:38
Show Gist options
  • Save tylerhall/521810 to your computer and use it in GitHub Desktop.
Save tylerhall/521810 to your computer and use it in GitHub Desktop.
A user friendly, strong password generator PHP function.
// Generates a strong password of N length containing at least one lower case letter,
// one uppercase letter, one digit, and one special character. The remaining characters
// in the password are chosen at random from those four sets.
// The available characters in each set are user friendly - there are no ambiguous
// characters such as i, l, 1, o, 0, etc. This, coupled with the $add_dashes option,
// makes it much easier for users to manually type or speak their passwords.
// Note: the $add_dashes option will increase the length of the password by
// floor(sqrt(N)) characters.
function generateStrongPassword($length = 9, $add_dashes = false, $available_sets = 'luds')
$sets = array();
if(strpos($available_sets, 'l') !== false)
$sets[] = 'abcdefghjkmnpqrstuvwxyz';
if(strpos($available_sets, 'u') !== false)
if(strpos($available_sets, 'd') !== false)
$sets[] = '23456789';
if(strpos($available_sets, 's') !== false)
$sets[] = '!@#$%&*?';
$all = '';
$password = '';
foreach($sets as $set)
$password .= $set[array_rand(str_split($set))];
$all .= $set;
$all = str_split($all);
for($i = 0; $i < $length - count($sets); $i++)
$password .= $all[array_rand($all)];
$password = str_shuffle($password);
return $password;
$dash_len = floor(sqrt($length));
$dash_str = '';
while(strlen($password) > $dash_len)
$dash_str .= substr($password, 0, $dash_len) . '-';
$password = substr($password, $dash_len);
$dash_str .= $password;
return $dash_str;
Copy link

Shifrin commented May 3, 2015

Copy link

Good work, thanks for the function

Copy link

kildeby commented Jun 30, 2015

I can't seem to make it display the password? How do I use it?

  • nevermind, I found out. Just sharing -> add:

@Shifrin: Your solution does not require a BIG LETTER, a small letter, a number (0-9) and a special character, which makes your password very much stronger.

Copy link

Head's up: This gist is not secure. Neither array_rand() nor str_shuffle() are cryptographically secure.

Recommended reading: How to generate secure passwords in PHP.

Copy link

This is great! I needed the ability to force the use of certain characters to make the password. hanks! Good work!

Copy link

ghost commented Aug 12, 2016


Copy link


Copy link

God bless you!

Copy link

hsali commented Oct 23, 2016

a good script.

Copy link

0ngsh commented Nov 8, 2016

Thanks,Very Useful

Copy link

Good work!

Copy link

AlkarE commented Jun 9, 2017

Thanks a lot!

Copy link


Copy link

offixer commented Aug 17, 2017

Copy link

A very good script. Thank you so much.

Copy link

ghost commented Nov 6, 2017

thank you 👍

Copy link

NikitaShkaruba commented Nov 20, 2017

Thank you dude! here)

Copy link

thank you

Copy link


Copy link

make a forked version of this script, whit some improvments in crypt functions

Copy link

ghost commented May 11, 2018

See my implementation works with all chars languages.

Copy link

DonPramis commented Aug 10, 2018

Here is easy no need to create password. 14 million password. Enjoy

Copy link

DonPramis commented Aug 26, 2018

I generate mine like this... but i need to include few symbols on this project

Copy link

Thks a lot

Copy link

fmic64 commented Jun 10, 2020

Great! many many thanks!!!

Copy link


Copy link

Very good work. Thanks.

Copy link

Thanks a lot

Copy link

thank you kind sir

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment