[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: password generator
suffocator@gmx.de writes:
> does anyone know how to automatically generate a password for
> every user in a database?
# This is Larry Wall's password program, somewhat rewritten. I couldn't
# find it on the net, and our version is rather Norwegian, but there
# is a 'goodenough' routine you can probably use.
# in http://ftp.se.kde.org/pub/security/tools/password/yppapasswd/.
require "passwd.pl";
my @passwd_chars =
('a'..'z', 'A'..'Z', 0..9, '-', '+', '?', '=', '*', '(', ')',
'/', '&', '%', "\#", '"', '_', '!', ',', ';', '.', ':');
my (@passwd_salt) = ('.', '/', '0'..'9', 'a'..'z', 'A'..'Z');
sub make_passwd {
my $pass;
do {
$pass = "";
$pass .= $passwd_salt[rand(scalar(@passwd_salt))]
while length($pass) < 8;
} while (! &passwd::goodenough($pass));
return ($pass, crypt($pass, $passwd_salt[rand(scalar(@passwd_salt))]
. $passwd_salt[rand(scalar(@passwd_salt))]);
}
> another problem is that i need every password in plain text to send
> this initial password via email to every user...
You shouldn't. E-mail is insecure, snoopers can pick up passwords you
send that way. Besides, how will the users read their e-mail if they
need the new passwords - which they don't know yet - to log in?
--
Hallvard