SSC Eights!
      
Comments posted to this topic are about the item Generate a random password
Gaby
"In theory, theory and practice are the same. In practice, they are not." - Albert Einstein
SSC-Addicted
      
Nice!
There also might be confusion between letter "G" and number 6...
SSCommitted
      
The password generator does a nice job, but while testing the code in QA, I noted that the proc does seem to return an "abundant" number of 'repeats' in any given password. In some generated passwords, I count up to three pairs of the same letters or characters. Can this be considered acceptable for 10 character passwords?
SSC-Addicted
      
Whoops...
I did not try to run and test the code.
Thanks for doing this. Very useful.
SSC Veteran
      
Works great and I actually needed something like this today! Thanks!
SSC-Dedicated
           
Pretty nice, Gaby... your article and some of the comments above gave me a couple of ideas for an article with just a pot-wad of tricks in it... Ok if I reference your article?
--Jeff Moden
"RBAR is pronounced "ree-bar" and is a "Modenism" for "Row-By-Agonizing-Row".
First step towards the paradigm shift of writing Set Based code: Stop thinking about what you want to do to a row... think, instead, of what you want to do to a column."
For better, quicker answers on T-SQL questions, click on the following... http://www.sqlservercentral.com/articles/Best+Practices/61537/
For better answers on performance questions, click on the following... http://www.sqlservercentral.com/articles/SQLServerCentral/66909/
SSC Veteran
      
One additional thing I'd like to see is the ability to force at least one number and/or one special character.
Ten Centuries
      
No knock on the script, but I question the value of truly random passwords.
I think I have a pretty good memory. I have my credit card number memorized (okay - maybe that's a bad thing). For passwords I think there should be some sensible pattern.
I tend to build passwords (at least 9 char) using the user's initials mixed-up, or a misspelling of their name with odd capitalization. I usually include part of their phone number, and/or birth date, and I always include a special character or two. The point is that it's something that forms a memorable pattern to the user. I think I can do this and still maintain a high level of security.
SSC-Addicted
      
RML51:
Unless you will not allow the users to change their password to one of their own liking -- for instance banks DO allow users to change their PIN number and others do supply a password intended to be changed by the user, then I do not see the point in enforcing a pattern to help the users to remember their password.
If you were to allow users to change password, you could implement instead a password validation routine that would filter out the most commonly used passwords such as "Rolex", "guest", "admin", "sysadmin", etc. Specify a minimum length, force the use of special characters like !, $, {, }, etc. and a non-zero count of upper and lower case alphabetic characters.
You could also set a maximum length and ban the use of the : character. Would help (no guarantees) reject injection attacks and scripts if you have poorly written applications.
The pattern enforcement scheme would be intended at rejecting non-compliant user-entered passwords instead of helping users to remember a password.
And even if you did supply a pattern, if it contains random characters, this would not help the users. Some of them out there really have a hard time with spotting patterns. If they can't remember a password, I would not bank too much on them remembering a pattern either.
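
An added example, not part of any post in this thread: the validation routine outlined in the post above, written as a T-SQL scalar function. The function name, the length limits and the sample values are assumptions; the character-class checks force a binary collation because under a case-insensitive default collation the range [A-Z] also matches lowercase letters.

```sql
-- Added example. dbo.ufn_CheckPasswordPolicy, @minLen and @maxLen are assumed names/values.
CREATE FUNCTION dbo.ufn_CheckPasswordPolicy (@pwd NVARCHAR(128))
RETURNS VARCHAR(40)
AS
BEGIN
    DECLARE @minLen INT = 8, @maxLen INT = 64;      -- assumed limits
    -- DATALENGTH counts trailing spaces; LEN() would silently ignore them.
    DECLARE @len INT = DATALENGTH(@pwd) / 2;

    IF @pwd IS NULL
        RETURN 'rejected: empty';

    -- Commonly used passwords named in the post, compared case-insensitively.
    IF LOWER(@pwd) IN (N'rolex', N'guest', N'admin', N'sysadmin')
        RETURN 'rejected: commonly used password';

    IF @len < @minLen RETURN 'rejected: too short';
    IF @len > @maxLen RETURN 'rejected: too long';

    -- The post's banned character.
    IF CHARINDEX(N':', @pwd) > 0
        RETURN 'rejected: contains ":"';

    -- Binary collation makes the ranges compare by code point,
    -- so [A-Z] means uppercase only and [a-z] lowercase only.
    IF @pwd COLLATE Latin1_General_BIN2 NOT LIKE N'%[A-Z]%'
        RETURN 'rejected: no upper case letter';
    IF @pwd COLLATE Latin1_General_BIN2 NOT LIKE N'%[a-z]%'
        RETURN 'rejected: no lower case letter';
    -- "Special" here means anything that is not an ASCII letter or digit.
    IF @pwd COLLATE Latin1_General_BIN2 NOT LIKE N'%[^a-zA-Z0-9]%'
        RETURN 'rejected: no special character';

    RETURN 'ok';
END;
GO

-- Constructed sample values, one per rule.
SELECT s.pwd, dbo.ufn_CheckPasswordPolicy(s.pwd) AS verdict
FROM (VALUES (N'SysAdmin'),        -- on the deny list
             (N'Ab1$'),            -- too short
             (N'lowercase1$only'), -- no upper case letter
             (N'Ab:1$xyzQ9'),      -- banned character
             (N'Tr7$kLm2qW')       -- passes every check
     ) AS s(pwd);
```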
SSC Eights!
      
Jeff Moden (11/13/2008):
Pretty nice, Gaby... your article and some of the comments above gave me a couple of ideas for an article with just a pot-wad of tricks in it... Ok if I reference your article?
Hey Jeff, sorry about the delayed response. Please feel free to use this.
Gaby