When you think ASP, think...
Recent Articles
All Articles
ASP.NET Articles
Related Web Technologies
User Tips!
Coding Tips

Sample Chapters
JavaScript Tutorials
MSDN Communities Hub
Official Docs
Stump the SQL Guru!
XML Info
Author an Article
Print this page.
Published: Wednesday, December 29, 1999

Generating Random Passwords

By Ragnvald Larsen

Let's face it, with Active Server Pages, it isn't difficult to create a fairly secure web site, one that contains a set of web pages that can only be viewed by particular users. Those particular users could be stored in a database, or could be actual user accounts on the web server. For a good article on a simple authentication scheme, be sure to check out Simple Authentication.

- continued -

When creating new user accounts over the web, though, you may wish to supply your new users with a random password. Many web sites currently do this. Alert 4Guys visitor Ragnvald Larsen decided to share a unique password generator, one that generates random passwords, containing only alphabetic characters, that strive to be easy to remember!

Below is the code, but first, you can see the output here!

Some example passwords:

Six letter passwords

Eight letter passwords

Ten letter passwords

Now, for the source code!

' Random Password Generator
' We needed a small password routine for our distance learning project.
' It is used to provide our users with new passwords upon request.
' This is not a high security algoritm, but still useful for 
' smallscale user-databases.
' The routine is primarily written by Jon Terje Kommandantvold.
' Some changes, bugfix and translation by Ragnvald Larsen.
' Jon Terje Kommandantvold (jontk@svt.ntnu.no)
' Ragnvald Larsen (ragnvald@captech.no)
' Trondheim, Norway 28.12.99
' Geografi paa Nett
' Dept. of Geography
' Norwegian University of Science and Technology
' http://www.svt.ntnu.no/geo/default-e.htm

'--Make string to numbers and initialize the random generator
Sub StrRandomize(strSeed)
  Dim i, nSeed

  nSeed = CLng(0)
  For i = 1 To Len(strSeed)
    nSeed = nSeed Xor ((256 * ((i - 1) Mod 4) * AscB(Mid(strSeed, i, 1))))

  Randomize nSeed
End Sub

'--Generates friendly passwords for remembering and pronounciation
Function GeneratePassword(nLength)
  Dim i, bMadeConsonant, c, nRnd

'You may adjust the below constants to include local,
'eg. scandinavian characters. This way your passwords
'will not be limited to latin characters.
  Const strDoubleConsonants = "bdfglmnpst"
  Const strConsonants = "bcdfghklmnpqrstv"
  Const strVocal = "aeiou"

  GeneratePassword = ""
  bMadeConsonant = False

  For i = 0 To nLength
    'Get a random number number between 0 and 1
    nRnd = Rnd
    'Simple or double consonant, or a new vocal?
    'Does not start with a double consonant
    '15% or less chance for the next letter being a double consonant
    If GeneratePassword <> "" AND _
        (bMadeConsonant <> True) AND (nRnd < 0.15) Then
      'double consonant
      c = Mid(strDoubleConsonants, Len(strDoubleConsonants) * Rnd + 1, 1)
      c = c & c
      i = i + 1
      bMadeConsonant = True
      '80% or less chance for the next letter being a consonant,
      'depending on wether the last letter was a consonant or not.
      If (bMadeConsonant <> True) And (nRnd < 0.95) Then
        'Simple consonant
        c = Mid(strConsonants, Len(strConsonants) * Rnd + 1, 1)
        bMadeConsonant = True
        '5% or more chance for the next letter being a vocal. 100% if last
        'letter was a consonant - theoreticaly speacing...
        'If last one was a consonant, make vocal
        c = Mid(strVocal, Len(strVocal) * Rnd + 1, 1)
        bMadeConsonant = False
      End If
    End If

    'Add letter
    GeneratePassword = GeneratePassword & c

  'Is the password long enough, or perhaps too long?
  If Len(GeneratePassword > nLength) Then
     GeneratePassword = Left(GeneratePassword, nLength)
  End If
End Function

'--How to use the Random Password Generator?
' You are  advised to randomize before each password generation
' If you are using a database with some generic ID you could
' add a seed like this:
'	StrRandomize rstUser("ID") & CStr(Now) & CStr(Rnd)
' For now we are using a time string and Rnd number converted to string:
'	StrRandomize CStr(Now) & CStr(Rnd)

Some example passwords:<br><br>
Six letter passwords<br>

<%StrRandomize CStr(Now) & CStr(Rnd)
response.write GeneratePassword(6)%><br><br>

Eight letter passwords<br>

<%StrRandomize CStr(Now) & CStr(Rnd)
response.write GeneratePassword(8)%><br><br>

Ten letter passwords<br>

<%StrRandomize CStr(Now) & CStr(Rnd)
response.write GeneratePassword(10)%>

Happy Programming!


  • Download the source code in text format

  • ASP.NET [1.x] [2.0] | ASPFAQs.com | Advertise | Feedback | Author an Article