Full Control Over a Randomly Generated Password

  • SwePeso

    SSC-Dedicated

    Points: 39693

    Comments posted here are about the content posted at http://www.sqlservercentral.com/columnists/plarsson/2878.asp


    N 56°04'39.16"
    E 12°55'05.25"

  • Charles Kincaid

    SSChampion

    Points: 13593

    Very good!

    One problem though.  Your code to limit the password length does not work if I pass negative numbers.  When the specs are negative then they can't be more negative ten the number of items in the list.  You can't call for more than 26 non-duplicated upper case letters as there are only 26 of them.

    ATBCharles Kincaid

  • adrshen

    SSC-Addicted

    Points: 446

    Hi,

    I always think that when ever i find some time spare than i will write this one.But u did and did in a nice way

  • Johan Bijnens

    SSC Guru

    Points: 134265

    Nice solution.

    I've been using spc_random_password of Written by Narayana Vyas Kondreddi http://vyaskn.tripod.com  (Stored procedure to generate a simple or complex random password&nbspfrom almost when it was published (2001).

    Johan


    Dont drive faster than your guardian angel can fly ...
    but keeping both feet on the ground wont get you anywhere :w00t:

    - How to post Performance Problems
    - How to post data/code to get the best help[/url]

    - How to prevent a sore throat after hours of presenting ppt ?

    press F1 for solution, press shift+F1 for urgent solution 😀

    Need a bit of Powershell? How about this

    Who am I ? Sometimes this is me[/url] :alien: but most of the time this is me :hehe:

  • Liaqat Saeed-417319

    Grasshopper

    Points: 11

    Well, its a nice solution and working prefect.

  • Stephen Hirsch

    SSCommitted

    Points: 1822

    A thought for generating passwords non-randomly: use your birthday in the Jewish (or Muslim or Persian or whatever) calendar. Therefore, if you forget it for whatever reason, you can regenerate it from a web site.

  • David le Quesne

    SSCertifiable

    Points: 5169

    This is a great idea, I am going to use it in my application. I have re-written it as a function though  (for consistency with standards of my system) by creating a view for the NEWID() function:

    CREATE VIEW v_NewID AS SELECT NEWID() AS 'New_ID'

    and modifying the code to use the view rather than NEWID()

    eg:

    -- Get the Number Items

    SET @i = ABS(@NumberItems)

    WHILE @i > 0 AND LEN(@Numbers) > 0   

      SELECT @v = ABS(CAST(CAST(New_ID AS BINARY(16)) AS BIGINT)) % LEN(@Numbers) + 1

      ,    @C = SUBSTRING(@Numbers, @v, 1)

      ,    @Numbers = CASE

           WHEN @NumberItems < 0

         THEN STUFF(@Numbers, @v, 1, '')

       ELSE @Numbers

      END

      ,    @Temp = @Temp + @C

      ,    @i = @i - 1

    FROM v_NewID

    David

    If it ain't broke, don't fix it...

  • David-389924

    Mr or Mrs. 500

    Points: 518

    Nice job, I’ll use it for sure.

    I was using, since always, Left 4 of a new guid + Left 4 of a new guid (uppercase)

    Kind of…

     

    Thanks


    Best Regards,

    David, MCAD.NET

  • Michael Valentine Jones

    SSC Guru

    Points: 64818

    This link below has my own procedure for generating a somewhat mnemonic password, as well as several others for generating random or semi-random passwords:

    http://www.sqlteam.com/forums/topic.asp?TOPIC_ID=78859

    It is an interesting problem, because of the conflicting requirements of security where long, random passwords are better, and the ability of a human to read, remember, and type the password.  A password like B4zI1=5UhW4K6KM'3 is probably almost impossible to crack, but how many people can remember it and type it correctly?

    My mnemonic password procedure is an attempt at a compromise solution to generate passwords that are both secure and something that a human can remember and use.  It could be done better, but it was the best solution I could think of at the time to meet my requirements.

     

  • SwePeso

    SSC-Dedicated

    Points: 39693

    It doesn't matter.

    When you want non-duplicated characters from a group, the while loop exits when there are no more characters to choose from.

    Even if you set 50 non-duplicated characters, the while loop exits after 26.

     


    N 56°04'39.16"
    E 12°55'05.25"

Viewing 10 posts - 1 through 10 (of 10 total)

You must be logged in to reply to this topic. Login to reply