PHP Random Secure Password Generator Class
UPDATE: If you don’t want to spend the time implementing this code, and just want to generate some passwords, I’ve put it on a separate website: www.random-password.net.
I just recently had to create a function to generate random passwords on a site I was developing and thought it would be an ideal thing to expand upon and put into a class. If you’re not familiar with using classes, I also have integration code below.
This source code is provided free of charge under the condition that my name remains upon it. Any modifications, improvements and suggestions will be gratefully received.
Create a new file called pwd-gen.php and stick it in your classes folder, then copy and paste the following. Don’t forget to scroll down and read the instructions.
<?php
/*
Class Name: pwdGen
Version: 1.2
Author(s): David Hurst
Copyright belongs to the author, but this code may be freely distributed provided this header remains in tact.
*/
class pwdGen {
var $pattern;
function pwdGen() {
$this->pattern = “Cvcv00X”;
}
function newPwd() {
$new_pwd = “”;
$pttn = $this->pattern;
for($i = 0; $i <= strlen($this->pattern); $i++) {
$pattern_arr[$i] = substr($pttn, 0, 1);
$pttn = substr($pttn, 1);
}
unset($pattern_arr[$i - 1]);
foreach($pattern_arr as $value) {
switch($value) {
case “x”:
$new_pwd .= $this->randomLetter();
break;
case “X”:
$letter = $this->randomLetter();
$new_pwd .= strtoupper($letter);
break;
case “v”:
$new_pwd .= $this->randomVowel();
break;
case “V”:
$letter = $this->randomVowel();
$new_pwd .= strtoupper($letter);
break;
case “c”:
$new_pwd .= $this->randomCons();
break;
case “C”:
$letter = $this->randomCons();
$new_pwd .= strtoupper($letter);
break;
case “0″:
$new_pwd .= $this->randomNumber();
break;
case “*”:
$new_pwd .= $this->randomSymbol();
break;
}
}
return $new_pwd;
}
function randomVowel() {
$letter_arr = array(”a”, “e”, “i”, “o”, “u”);
$i = rand(0, count($letter_arr) - 1);
return $letter_arr[$i];
}
function randomCons() {
$letter_arr = array(”b”, “c”, “d”, “f”, “g”, “h”, “j”, “k”, “l”, “m”, “n”, “p”, “q”, “r”, “s”, “t”, “v”, “w”, “x”, “y”, “z”);
$i = rand(0, count($letter_arr) - 1);
return $letter_arr[$i];
}
function randomLetter() {
$letter_arr = array(”a”, “b”, “c”, “d”, “e”, “f”, “g”, “h”, “i”, “j”, “k”, “l”, “m”, “n”, “o”, “p”, “q”, “r”, “s”, “t”, “u”, “v”, “w”, “x”, “y”, “z”);
$i = rand(0, count($letter_arr) - 1);
return $letter_arr[$i];
}
function randomNumber() {
$i = rand(0, 9);
return $i;
}
function randomSymbol() {
$symbol_arr = array(”!”, “@”, “%”, “&”, “*”, “(”, “)”, “+”, “-”, “?”, “=”);
$i = rand(0, count($symbol_arr) - 1);
return $symbol_arr[$i];
}
}
?>
So to implement this in a PHP script, use something like below:
<?php
require_once(”classes/pwd-gen.php”); //adapt this for your file structure and filename
$pwd = new pwdGen();
$pwd->pattern = “CCVVCC”; //optional
echo $pwd->newPwd();
?>
Instructions for use:
The class creates passwords based on patterns. This enables you to have a level of consistency, despite the passwords being random. Here are the codes you can use to create your pattern string:
x - a lower case letter
X - an upper case letter
c - a lower case consonant
C - an upper case consonant
v - a lower case vowel
V - an upper case vowel
0 - a number from 0-9
* - a symbol
I included codes for consonants and vowels as these allow you to create pronouncable passwords. There is no dictionary check, so this could result in dictionary words being included in the password, which would make it less secure. Despite that, you can still use these codes to good effect to create highly secure passwords that are easier to remember.
Here are some patterns that I think work well:
Cvcv00x - this is the default pattern that will be used if you don’t specify one
cCVCxcc
cCVC0vc
CvCvC00
No doubt you can up with some yourselves.
This class can of course be used to create any random string. I use it to generate 25 character authorisation codes for use in member signup and authentication processes on websites. I hope you find it of some use too.