Generate Password Function In PHP

17th November 2008 - 3 minutes read time

I have talked about generating random passwords before. Although that function generated some nice passwords, they perhaps aren't as unique as they ought to be.

This function, take from Webtoolkit creates passwords of different length with varying levels of complexity.

function generatePassword($length=9, $strength=0) {
  $vowels = 'aeiu';
  $consonants = 'bdghjmnpqrstvxyz';
  if ( $strength & 1 ) {
    $consonants .= 'BDGHJLMNPQRSTVWXYZ';
  }
  if ( $strength & 2 ) {
    $vowels .= 'AEU';
  }
  if ( $strength & 4 ) {
    $consonants .= '23456789';
  }
  if ( $strength & 8 ) {
    $consonants .= '@#$%';
  }
 
  $password = '';
  $alt = time() % 2;
  for ($i = 0; $i < $length; $i++) {
    if ($alt == 1) {
      $password .= $consonants[(rand() % strlen($consonants))];
      $alt = 0;
    } else {
      $password .= $vowels[(rand() % strlen($vowels))];
      $alt = 1;
    }
  }
  return $password;
}

The first parameter is the number of characters that the function should return. The second parameter is a number up to 8 which converts into complexity. The least complex password consists of only lower case consonants. The most complex password consists of upper and lower case letters, as well as numbers and symbols.

You might notice that some of the letters and numbers are missing, this is deliberate. When passwords are generated many of the characters can be very similar. Zero can look like an upper case O and I can look like the number one or a lower case L. Removing these letters stops people getting their passwords wrong and having to reapply for them in the future. Also, many people write down their passwords, even though you shouldn't, and in doing this many characters can also look the same. For example, in a mix of upper and lowercase letters it is difficult to see the difference between an upper and lower case W.

You can run the function like this.

echo generatePassword(8,1); // LareSuSy
echo generatePassword(8,2); // hUsuserU
echo generatePassword(8,3); // MEdEgYze
echo generatePassword(8,4); // tanapa3a
echo generatePassword(8,5); // ary2ugeR
echo generatePassword(8,6); // uqUtebyq
echo generatePassword(8,7); // yRysuNEV
echo generatePassword(8,8); // ygyqyha%

This is just the output that I got from these parameters, a different password is run each time. You should be using level 8 for any system administrator passwords.

PHP

Add new comment

The content of this field is kept private and will not be shown publicly.
CAPTCHA
1 + 2 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

Related Content

Recreating Spotify Wrapped In PHP

17th March 2024

I quite like the end of the year report from Spotify that they call "Wrapped". This is a little application in which they tell you what your favorite artist was and what sort of genres you listened to the most during the year.

Read more

Should A Constructor Throw An Exception?

18th February 2024

Let's say you had a class that you wanted to use, but there was some sort of error in creating the object. This might be that the wrong parameters were passed, or the third party service (eg. a database) wasn't available at the time of creation.

Read more

PHP Question: Variable Reference

10th December 2023

Question

What does the following code print out?

function arrayPrint($array)
{
   echo implode(' ', $array);
}

$arrayA = [1, 2, 3];
$arrayB = $arrayA;
$arrayB[1] = 0;
arrayPrint($arrayA);

Read more

Creating An Authentication System With PHP and MariaDB

15th October 2023

Using frameworks to handle the authentication of your PHP application is perfectly fine to do, and normally encouraged. They abstract away all of the complexity of managing users and sessions that need to work in order to allow your application to function.

Read more

Creating Sparklines In PHP

17th September 2023

A sparkline is a very small line graph that is intended to convey some simple information, usually in terms of a numeric value over time. They tend to lack axes or other labels and are added to information readouts in order to expand on numbers in order to give them more context.

Read more