Wish I could take credit, but I came across an example online a little while back.

- Sean

> On Feb 4, 2016, at 11:38 AM, Michael B. Smith <[email protected]> wrote:
>
> That’s very nice. I never would have thought of that application of
> Get-Random.
>
> From: [email protected] [mailto:[email protected]] On Behalf Of Sean Martin
> Sent: Thursday, February 4, 2016 10:44 AM
> To: [email protected]
> Subject: Re: [powershell] Random Password Generator
>
> You make a good point. How about this?
>
> $randombytes = new-object byte[] 15
> (new-object System.Security.Cryptography.RNGCryptoServiceProvider).GetBytes($randombytes)
> $pass = [System.Convert]::ToBase64String($randombytes)
> $a = ([char[]](get-random -input (33..47 + 48..57) -count 4)) -join ""
> $password = $a + $pass
>
> - Sean
>
> On Wed, Feb 3, 2016 at 6:36 PM, Michael B. Smith <[email protected]> wrote:
>
> The maximum entropy you get from Base64 is 2.58 bits per character, kinda by
> definition ( ln2( 6 ) ). Given that your maximum length is 15 digits, that
> limits you to ~38 bits of entropy. At a thousand guesses a second, that’s
> about 8 years to brute force. Not bad.
>
> However, you’ve GIVEN UP over 10 bits of entropy because of four constant
> characters, taking you to about 28 bits of entropy. Believe it or not, having
> constants makes a password far far easier to crack. (This is why the
> revelation of a non-random non-prime in netcat/socat is such a big deal – it
> makes Diffie-Hellman much much simpler to crack.)
>
> That’s about 3 days to brute force.
>
> That is completely believable for someone to spend the time/energy to crack.
> (And remember, the 3 days assumes that your password is the last one checked,
> out of the entire “password universe” – on average, assume half that.)
>
> So, the lesson here is that 15 bytes of base64 is fine (if impossible to
> remember). But don’t use constants. Evah.
>
> From: [email protected] [mailto:[email protected]] On Behalf Of Sean Martin
> Sent: Wednesday, February 3, 2016 3:24 PM
> To: [email protected]
> Subject: [powershell] Random Password Generator
>
> I don't get the opportunity to contribute all that often so I thought I would
> throw this out there in case it helps anyone.
>
> I got the method from this article:
> https://www.scriptjunkie.us/2013/09/secure-random-password-generation/
>
> I modify the resulting password by prepending/appending a couple of special
> and numerical characters to ensure it meets complexity requirements in my
> current environment.
>
> Easy way to generate a secure password whenever the need arises. Critiques
> are always welcome.
>
> ===================================================================
>
> # Generate Random Password
>
> $randombytes = new-object byte[] 15
> (new-object System.Security.Cryptography.RNGCryptoServiceProvider).GetBytes($randombytes)
> $pass = [System.Convert]::ToBase64String($randombytes)
> $password = "&#" + $pass + "82"
>
> Write-Host ""
> Write-Host "Your password is: " -ForeGroundColor Cyan -NoNewLine
> Write-Host "$Password" -ForeGroundColor Yellow
> Write-Host ""
> Write-Host ""
> Write-Host "Press enter to exit script..." -ForeGroundColor Cyan
>
> $Pause = Read-Host
> Exit
>
> ==================================================================
>
> - Sean
>
> ================================================
> Did you know you can also post and find answers on PowerShell in the forums?
> http://www.myitforum.com/forums/default.asp?catApp=1
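
Added example, not part of the thread or of the article Sean links: one way to meet a complexity rule without any fixed characters is to draw every character from the OS random number generator and redraw the whole password until each required class appears. The function name, parameters, default length and alphabet are assumptions, and RandomNumberGenerator.Create() stands in for the RNGCryptoServiceProvider call used in the thread.

```powershell
# Added example; New-RandomPassword and its parameters are hypothetical names.
function New-RandomPassword {
    param(
        # At least 4 so that all four character classes can be present.
        [ValidateRange(4, 256)][int]$Length = 20,
        # Printable ASCII 33..126 (94 symbols). If you narrow this, it must still
        # contain a lower, an upper, a digit and a symbol, or the loop never ends.
        [ValidateCount(4, 256)][char[]]$Alphabet = [char[]](33..126)
    )
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try {
        $n = $Alphabet.Length
        # Largest multiple of $n that fits in one byte. Bytes at or above it are
        # discarded so every symbol is equally likely (no modulo bias).
        $limit = 256 - (256 % $n)
        $buf = New-Object byte[] 1
        do {
            $chars = New-Object char[] $Length
            $i = 0
            while ($i -lt $Length) {
                $rng.GetBytes($buf)
                if ($buf[0] -lt $limit) {
                    $chars[$i] = $Alphabet[$buf[0] % $n]
                    $i++
                }
            }
            $candidate = -join $chars
            # No constant or fixed-position characters: a candidate missing a
            # class is thrown away and a completely new one is drawn.
        } until ($candidate -cmatch '[a-z]' -and
                 $candidate -cmatch '[A-Z]' -and
                 $candidate -cmatch '[0-9]' -and
                 $candidate -cmatch '[^a-zA-Z0-9]')
        $candidate
    }
    finally {
        $rng.Dispose()
    }
}

# Upper bound on entropy is Length * log2(alphabet size): 20 * log2(94), about
# 131 bits with the defaults. The redraw filter costs well under one bit.
$bits = [math]::Round(20 * [math]::Log(94, 2), 1)
Write-Host "Password: $(New-RandomPassword)  (up to $bits bits)"
```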
