生成没有这些字符的随机密码“l1o0”

时间:2015-10-25 09:38:38

标签: php security random passwords

我需要使用条件生成随机密码:

  • 除“ l1o0
  • 外,所有字符均可使用
  • 字符长度为8到12

我尝试过的代码:

function generateRandomPassword() {
  //Initialize the random password
  $password = '';

  //Initialize a random desired length
  $desired_length = rand(8, 12);

  for($length = 0; $length < $desired_length; $length++) {
    //Append a random ASCII character (including symbols)
    $password .= chr(rand(32, 126));
  }

  return $password;
}

如何避免这4个字符=&gt; “ l1o0 ”?

原因:

  • 这4个字符有时会混淆用户。

谢谢!

5 个答案:

答案 0 :(得分:4)

请勿使用当前为生成密码而提供的任何其他答案。他们无论如何都不安全。

  • rand() - &gt;否
  • mt_rand() - &gt;绝对不是

我将从一篇名为How to Securely Generate Random Strings and Integers in PHP的博客文章中提取此解决方案。

/**
 * Note: See https://paragonie.com/b/JvICXzh_jhLyt4y3 for an alternative implementation
 */
function random_string($length = 26, $alphabet = 'abcdefghijklmnopqrstuvwxyz234567')
{
    if ($length < 1) {
        throw new InvalidArgumentException('Length must be a positive integer');
    }
    $str = '';
    $alphamax = strlen($alphabet) - 1;
    if ($alphamax < 1) {
        throw new InvalidArgumentException('Invalid alphabet');
    }
    for ($i = 0; $i < $length; ++$i) {
        $str .= $alphabet[random_int(0, $alphamax)];
    }
    return $str;
}

用法:

// Every ASCII alphanumeric except "loIO01":
$alphabet = 'abcdefghijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789';
$string = random_string(12, $alphabet);

您可能没有random_int(),除非您在将来发布PHP 7时再阅读此内容。对于我们这些生活在现在的人,请使用random_compat

答案 1 :(得分:2)

试试这个:

function generateRandomPassword($length = 8) {
    $characters = '23456789abcdefghjklmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ';
    $charactersLength = strlen($characters);
    $randomPassword = '';
    for ($i = 0; $i < $length; $i++) {
        $randomPassword .= $characters[rand(0, $charactersLength - 1)];
    }
    return $randomPassword;
}

答案 2 :(得分:0)

您不需要更改代码。只需使用str_replace来替换这些单词即可尝试此解决方案:)。刚编辑了你的代码

function generateRandomPassword($length = 8) {
    $characters = '23456789abcdefghjklmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ';
    $charactersLength = strlen($characters);
    $randomPassword = '';
    for ($i = 0; $i < $length; $i++) {
        $randomPassword .= $characters[rand(0, $charactersLength - 1)];
    }
    return str_replace(['l','1','o','0'], ['A','B','C','D'], $randomPassword);
}

答案 3 :(得分:0)

$string = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
$req_pword_len = 20;

$char_count = 0;
$password='';
$chars=str_split($string);
while ( $char_count < $req_pword_len ) {
    $char = mt_rand(0,61);
    $password .= (string) $chars[$char];
    $char_count++;
}

更改

的值
  • $ string只是您想要允许的字符
  • $ req_pword_len到所需的密码长度

答案 4 :(得分:0)

尝试一下:

 protected void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    setContentView(R.layout.activity_main);

    AccountManager am = AccountManager.get(this);
    Bundle options = new Bundle();

    Account[] accounts=am.getAccountsByType("https://www.strava.com/api/v3/");


    am.getAuthToken(
            accounts,                     // Account retrieved using getAccountsByType()
            "Manage your tasks",            // Auth scope
            options,                        // Authenticator-specific options
            this,                           // Your activity
            new OnTokenAcquired(),          // Callback called when a token is successfully acquired
            new Handler(new OnError()));    // Callback called if an error occurs

}