Click here to Skip to main content
11,478,174 members (75,802 online)
Click here to Skip to main content

Strong Password Generator

, 27 Aug 2006 CPOL 47.3K 1.9K 37
Rate this:
Please Sign up or sign in to vote.
Cryptographically random and strong password generator
Sample Image - password-generator.gif

Introduction

The source code contains the class which generates a cryptographically random and strong password. The demo project contains the console application which uses the compiled generator class to generate the passwords.

By the term cryptographically random password I mean the generator uses the RNGCryptoServiceProvider class. By the term strong password I mean the generated password satisfies the Passwords must meet complexity requirements settings of Windows password policy, namely containing the characters from three of the four categories.

Using the Code

The code contains the class PasswordGenerator inside the namespace Petr.Felzmann. The class PasswordGenerator contains one public method Generate(int passwordLength). So the simplest way to generate a password is...

PasswordGenerator pswd = new PasswordGenerator();
string password = pswd.Generate(6);

... which generates the random password consisting of the 6 characters. If you want to generate the random password with random length, then use the overloaded Generate(int minPasswordLength, int maxPasswordLength) version. Afterwards the length of the password will be the random number between minPasswordLength and maxPasswordLength.

The class PasswordGenerator also has an overloaded constructor. The public PasswordGenerator(XmlDocument categories) version is useful when you can redefine default character categories. For more details, see the Flexibility section at the bottom of this article.

Implementation

The implementation idea in brief:

  1. Generate random bytes by RNGCryptoServiceProvider.
  2. Project these random bytes to the character sets.
  3. Check whether the number of the mandatory categories is satisfied.
  4. If the count of the categories contained in the password is less, then the mandatory ones are required.
  5. Then generate the next necessary random chars.
  6. Finally, replace any char of the numerous enough categories in the password to achieve the requested number of the mandatory categories.

Flexibility

There is the possibility to define your own character categories with your defined characters. This is done through the XML document put into the PasswordGenerator constructor. The default implementation uses the following XML document which is included in the assembly as an embedded resource and satisfies the Passwords must meet complexity requirements setting discussed above:

<CharSetCategories xmlns="urn:petr-felzmann:schemas:password-generator" mandatory="3">
    <Category>abcdefghijklmnopqrstuvwxyz</Category>
    <Category>ABCDEFGHIJKLMNOPQRSTUVWXYZ</Category>
    <Category>0123456789</Category>
    <Category>()`~!@$%^*-+=|\{}[]:;"'>

The mandatory attribute specifies how many categories will occur in the resultant password. Note that the three special characters < & # are excluded to be able to use the generated password inside a Web environment protected against the Cross Site Scripting.

The source code and the assembly (as an embedded resource) contain the XML Schema described in these XML documents.

The example of flexibility: if you want to generate the text for CAPTCHA, then you can use this XML...

<CharSetCategories xmlns="urn:petr-felzmann:schemas:password-generator" mandatory="2">
    <Category>ABCDEFGHIJKLMNOPQRSTUVWXYZ</Category>
    <Category>0123456789</Category>
</CharSetCategories>

... and this code:

XmlDocument dom = new XmlDocument();
dom.Load(@"C:\MyCAPTCHA.xml");
PasswordGenerator pswd = new PasswordGenerator(dom);
string password = pswd.Generate(4);

History

  • 27th August, 2006: Initial post

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

Petr Felzmann
Web Developer
Czech Republic Czech Republic
No Biography provided

Comments and Discussions

 
GeneralMy vote of 5 Pin
Member 296152621-Jun-13 6:15
memberMember 296152621-Jun-13 6:15 
GeneralMy vote of 5 Pin
zoujun866628-Aug-12 16:36
memberzoujun866628-Aug-12 16:36 
GeneralGood job Pin
RockingDownTheHighway3-Feb-11 19:28
memberRockingDownTheHighway3-Feb-11 19:28 
GeneralLicense type Pin
janfl13-Feb-08 0:11
memberjanfl13-Feb-08 0:11 
GeneralRe: License type Pin
Petr Felzmann14-Feb-08 9:15
memberPetr Felzmann14-Feb-08 9:15 
GeneralFIPS 112 Pin
Jeffrey Walton7-Jan-07 13:23
memberJeffrey Walton7-Jan-07 13:23 
GeneralAmbiguous characters Pin
Thomas Freudenberg27-Aug-06 13:23
memberThomas Freudenberg27-Aug-06 13:23 
GeneralRe: Ambiguous characters Pin
Petr Felzmann27-Aug-06 22:33
memberPetr Felzmann27-Aug-06 22:33 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Terms of Use | Mobile
Web02 | 2.8.150520.1 | Last Updated 27 Aug 2006
Article Copyright 2006 by Petr Felzmann
Everything else Copyright © CodeProject, 1999-2015
Layout: fixed | fluid