<PHP Create Strong Random Passwords ⁄ >

Site security is a high priority for any developer. With the number of attacks that sites are getting it is vital that we secure them to the best of our and our technologies ability. One of the main issues with security is user passwords. If our users pick overly simple passwords then there data and ours can be at risk. Having password rules is one way of ensuring that our users will select strong passwords. We can require a specific length and combination of characters and numbers including capitalization requirements.

While it's sometimes difficult to explain these requirements to a user and get them to enter something that fits the criteria it can also be troublesome to create these passwords programmatically. To that end I propose this PHP function to create a password based on very specific rules. The "Mask" that you use to define the password rules is fairly simple with only 5 entities to know. See the comments in the code to understand the rules.

By creating a password with these options you can verify that all auto-generated passwords will match a certain criteria. Here is the PHP code necessary to create this kind of password:

An addition that you may want to make is the ability to have a variable length password. For instance a password could be between 6 and 15 characters you would have to decide how to make the function handle this. It could either have a 15 character mask and cut short at whatever length you decided on, or perhaps you could use a 6 character mask and have it start the pattern over for longer passwords. Usually autogenerated passwords are of a fixed length though so It's not a necessary feature.



este é só um excerto do artigo, para aceder ao artigo completo, clique no link em baixo:
this is just a small excerpt from the article, to access the full article please click in the link below:
http://www.bestcodingpractices.com/php_create_strong_random_passwords-...