00 Votes

PHP: Create randomized string or random password

Question by SimplyMe | Last update on 2022-11-19 | Created on 2011-11-25

I want to create a random string using PHP that should be used as an initial password. So, what you usually get after a registration by e-mail or if you request a new password.

Does PHP know a specific function for that, or how do you do best?

ReplyPositiveNegativeDateVotes
00 Votes

The easiest way to achieve this, is as follows with a combination of md5() and rand():

echo md5(rand());
//d4f31b020955e1892af61ebff0e3e4d0

The function rand() creates a random number and md5() makes an MD5 hash from that, which will look similiar to the second line above.

If this should be too long for your purpose, you can also directly limit the string with substr():

echo substr(md5(rand()),0,10);
//a0ba2648ac

If you replace the 10 with a different number, you can shorten the number of characters. In the above example, I once chose a length of 10 characters.

Or we just create a small function directly from it:

function randomstring($length) {
   return substr(md5(rand()),0,$length);
}
 
// call it like that:
echo randomstring(5); //c3a05

Alternatively, you can also use the function uniqid(), which, however, does not provide quite as good results:

echo uniqid();

This function creates a unique ID out of the current time, so the first places are always the same, if you call the function in quick succession. Of course, if you only want to have any random string, this should be okay.

Limitations of these functions

The advantage of my functions mentioned above is, that it is very easy to implement and the strings can be used as passwords (more about secure passwords). But there is also a disadvantage: the strings are consisting only of lowercase letters and numbers. We have no way to determine which characters are present in the string. If you wish to do that, you have to use your own, even more complicated function.
Last update on 2022-11-19 | Created on 2011-12-15

ReplyPositive Negative
00 Votes

The examples of Computer Expert are both simple and ingenious. Nevertheless, here's a small example of how you can quickly craft a function for yourself, which can be used to create random strings out of a defined pool of characters:

function randomstring($length) {
   // possible characters for this string
   $chars = '0123456789';
   $chars .= 'abcdefghijklmnopqrstuvwxyz';
   $chars .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
   $chars .= '()!.:=';
 
   // string will be created
   $str = '';
   $num = strlen($chars);
   for ($i=0; $i<$length; $i++) {
      $str .= $chars[rand(0,$num-1)];
   }
   return $str;
}
 
// Usage
echo randomstring(6); //G3pgIA

The whole works as follows: First, we define a string (in this case, it is wraped because of the length) with all characters to appear. Of course, you can still add other characters, who would like to include or you can remove the characters, you do not want to have in the string.

Then, we define our random string with $str and write in $num the number of possible characters. Next, we call as often as our new string should be long, the random number generator rand() in a loop and every time, we choouse the corresponding character of the random number out of the string of possible characters.

Finally, we return the completed string. A possible, generated string might be "G3pgIA".
2011-12-16 at 09:16

ReplyPositive Negative
Reply

Related Topics

The Secure Password

Info | 0 Comments

Important Note

Please note: The contributions published on askingbox.com are contributions of users and should not substitute professional advice. They are not verified by independents and do not necessarily reflect the opinion of askingbox.com. Learn more.

Participate

Ask your own question or write your own article on askingbox.com. That’s how it’s done.