Author Topic: Password Generator  (Read 5344 times)

0 Members and 1 Guest are viewing this topic.

Offline Theo Gottwald

  • Administrator
  • Hero Member
  • *****
  • Posts: 897
    • it-berater
Password Generator
« on: February 07, 2008, 11:33:36 AM »
Code: [Select]
'---------------------------------------------------------------------------
' This code will generate a random password of lenght T01
' of the characters inside S01.
' Please note that this Passwort is for general use, not for use in Security critical Aps (as I use RND())
' Please put a RANDOMIZE TIMER at the start of your Application
'
FUNCTION S_DC(OPT BYVAL S01 AS STRING,OPT BYVAL T01 AS LONG) AS STRING
REGISTER R01 AS LONG, R02 AS LONG
LOCAL S02 AS STRING
IF LEN(S01)=0 THEN S01=CHR$(97 TO 122)+CHR$(65 TO 90)+"-"
IF LEN(S01)=2 THEN
   R01=ASC(S01,1)
   R02=ASC(S01,2)
   IF R01=65 THEN S01=CHR$(65 TO 90)
   IF R01=97 THEN S01=CHR$(97 TO 122)
   S01=S01+CHR$(R02)
END IF
IF zero(T01) THEN T01=32
IF LEN(S01)=0 THEN S02="": GOTO Laba

S02=SPACE$(T01)
FOR R01=1 TO T01
   R02=RND(1,LEN(S01))
   R02=ASC(S01,R02)
   MID$(S02,R01,1)=CHR$(R02)
NEXT R01
' Use "-" anyway
IF INSTR(S01,"-") AND (INSTR(S02,"-")=0) THEN
   R02=RND(1,T01)
   MID$(S02,R02,1)="-"
END IF
Laba:
FUNCTION = S02
END FUNCTION               
'---------------------------------------------------------------------------     
       
« Last Edit: February 07, 2008, 11:46:53 AM by Theo Gottwald »

Offline Charles Pegge

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 670
    • Charles Pegge
Re: Password Generator
« Reply #1 on: February 07, 2008, 01:45:04 PM »

Thank you Theo.

Your code prompted this idea for generating nonsense words (and occasionally rude words) suitable for passwords, novel insults, mantras etc. The idea is that the words are pronouncable, being composed of selected single consonants,consonant pairs and vowels.

Code: [Select]
#COMPILE EXE
#DIM ALL

FUNCTION nonsense AS STRING
    LOCAL t1,t2,vc,cps,cpe AS STRING
    vc="aeiouybcdfghkjlmnpqrstvwxz" ' Vowels and constants (6+20)
    cps="blbrchclcrdrffflfrglgrgwklkrmrplprpwqurwshslsmsnstvlvr"
    cpe="lbrbrcscldrdlfrflgrgchshljrjcklkrklmrmsmzmlnrnlprpspbslsrssstsvswsltrtstxtlvrvlxrxlzrztzzz"
    't=str$(len(cps))+str$(len(cpe)) 'test for even
    RANDOMIZE TIMER
    IF RND>0.4 THEN t1=MID$(vc,ROUND(RND*19+5,0)+1,1) ELSE t1=MID$(cps,ROUND(RND*LEN(cps)-2,0) OR 1, 2  )
    t1=t1+ _
    MID$(vc,ROUND(RND*5,0)+1,1) + _
    MID$(cpe,ROUND(RND*LEN(cpe)-2,0)  OR 1 , 2 )
    RANDOMIZE TIMER*RND
    IF RND>0.4 THEN t2=MID$(vc,ROUND(RND*19+5,0)+1,1) ELSE t2=MID$(cps,ROUND(RND*LEN(cps)-2,0) OR 1, 2  )
    t2=t2+ _
    MID$(vc,ROUND(RND*5,0)+1,1) + _
    MID$(cpe,ROUND(RND*LEN(cpe)-2,0) OR 1 , 2 ) +_
    MID$(vc,ROUND(RND*5,0)+1,1)
    FUNCTION=t1+"-"+t2
END FUNCTION

FUNCTION PBMAIN () AS LONG

MSGBOX nonsense 

END FUNCTION


Offline Theo Gottwald

  • Administrator
  • Hero Member
  • *****
  • Posts: 897
    • it-berater
Re: Password Generator
« Reply #2 on: February 07, 2008, 03:13:57 PM »
I also thought of that - interesting idea.
For passwords however, a generator with preferences for some combinations is not my first choice because its more sensitive against brute force attacks.
While such an algo could have the advantage that the passwords can be better remembered by the user.

Offline Charles Pegge

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 670
    • Charles Pegge
Re: Password Generator
« Reply #3 on: February 07, 2008, 03:58:21 PM »
A fair point. Each word with one vowel and 2 consonant pairs, in the example would have a probability of around 1 in 12500. But taking the 2 words together gives much better odds at about 1 in 10^8.

The best protection against a brute force attack would be to introduce a delay of 30 seconds between attempts, which restricts it to 2880 trys per day. It would then take 34700 days (about 100 years) to cover all the permutations. That takes real determination :)