Nice. Very nice. But it doesn’t meet Scott’s requirement of being able to control the character-set used to generate the password.
From: [email protected] [mailto:[email protected]] On Behalf Of Keith Garner (HotMail) Sent: Friday, February 5, 2016 10:37 PM To: [email protected] Subject: RE: [powershell] Random Password Generator Function Create-Password ( [parameter(ValueFromPipeline=$true)] [ValidateRange(12,128)] [int] $Length = 20 ) { [Reflection.Assembly]::LoadWithPartialName("System.Web") | out-null [System.Web.Security.Membership]::GeneratePassword($length,4) } 12..128 | foreach-object { Create-Password $_ } From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Michael B. Smith Sent: Friday, February 5, 2016 7:24 PM To: [email protected]<mailto:[email protected]> Subject: RE: [powershell] Random Password Generator Shoot. Both occurrences of “-Count 20” should become “-Count $Length” From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Michael B. Smith Sent: Friday, February 5, 2016 9:59 PM To: [email protected]<mailto:[email protected]> Subject: RE: [powershell] Random Password Generator Ok. Here is my final version, and I’ll probably blog about it. ☺ Great stuff. I love these kinds of conversations! -----start----- ## ## Create-Password ## ## February 5, 2016 ## michael at TheEssentialExchange dot com ## ## Based on an idea from Sean Martin ## seanmartin14 at gmail dot com ## Param( [int] $Length = 20, [bool] $AllPrintableAscii = $false ) function range { Param( [char] $start, [char] $finish ) [int]$start .. [int]$finish } ## ASCII table: ## https://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters ## I intentionally exclude <space>, since if a space occurs as the first ## or last character, most password input dialogs will trim the <space>. $password = '' if( $AllPrintableAscii ) { $password = ( [char[]]( Get-Random -InputObject ( 33..126 ) -Count 20 ) ) -Join '' } else { $validChars = ( range 'a' 'z' ) + ( range 'A' 'Z' ) + ( range '0' '9' ) + ( [char[]] '!@#$%^&*()' ) $password = ( [char[]]( Get-Random -InputObject $validChars -Count 20 ) ) -Join '' } $password -----end----- From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Michael B. Smith Sent: Friday, February 5, 2016 9:31 PM To: [email protected]<mailto:[email protected]> Subject: RE: [powershell] Random Password Generator Here is the medium easier-to-understand version: function range { param( [char]$start, [char]$finish ) [int]$start .. [int]$finish } $validChars = ( range 'a' 'z' ) + ( range 'A' 'Z' ) + ( range '0' '9' ) + ( [char[]] '!@#$%^&*()' ) ( [char[]]( Get-Random -InputObject $validChars -Count 20 ) ) -Join '' From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Michael B. Smith Sent: Friday, February 5, 2016 9:16 PM To: [email protected]<mailto:[email protected]> Subject: RE: [powershell] Random Password Generator You can do that with this solution as well. Here is the long version: $upperCase = 65..90 $lowerCase = 97..122 $numbers = 48..57 $bang = , ( [char] '!' ) $splat = , ( [char] '@' ) $hash = , ( [char] '#' ) $dollar = , ( [char] '$' ) $percent = , ( [char] '%' ) $carat = , ( [char] '^' ) $amp = , ( [char] '&' ) $star = , ( [char] '*' ) $lparen = , ( [char] '(' ) $rparen = , ( [char] ')' ) $characters = $upperCase + $lowerCase + $numbers + $bang + $splat + $hash + $dollar + $percent + $carat + $amp + $star + $lparen + $rparen ( [char[]]( Get-Random -InputObject $characters -Count 20 ) ) -Join '' Here is the short version: [char[]] $validChars = 65..90 + 97..122 + 48..57 + ( [char[]] '!@#$%^&*()' ) ( [char[]]( Get-Random -InputObject $validChars -Count 20 ) ) -Join '' From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Scott Crawford Sent: Friday, February 5, 2016 8:31 PM To: [email protected]<mailto:[email protected]> Subject: RE: [powershell] Random Password Generator That’s fantastic. This had been my solution and I do kinda like seeing the actual valid characters cuz it makes it easy to edit out quotes or other possible illegal values. But, it’s tough to beat the elegance of yours when valid characters aren’t a concern. $Chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890!@#$%^&*()" $Rand = New-Object System.Random For ($i = 1; $i -le 20; $i++) { $Password = $Password + $Chars.Substring($Rand.Next(0, $Chars.Length), 1) } $Password From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Michael B. Smith Sent: Friday, February 5, 2016 7:07 PM To: [email protected]<mailto:[email protected]> Subject: RE: [powershell] Random Password Generator Interestingly enough, you can take Get-Random and get an even better random password. Take a look at this: ( [char[]]( Get-Random -Input ( 33..126 ) -Count 20 ) ) -Join '' Great solution using all of the printable ASCII characters (except for the <space> character). From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Michael B. Smith Sent: Thursday, February 4, 2016 3:39 PM To: [email protected]<mailto:[email protected]> Subject: RE: [powershell] Random Password Generator That’s very nice. I never would have thought of that application of Get-Random. From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Sean Martin Sent: Thursday, February 4, 2016 10:44 AM To: [email protected]<mailto:[email protected]> Subject: Re: [powershell] Random Password Generator You make a good point. How about this? $randombytes = new-object byte[] 15 (new-object System.Security.Cryptography.RNGCryptoServiceProvider).GetBytes($randombytes) $pass = [System.Convert]::ToBase64String($randombytes) $a = ([char[]](get-random -input (33..47 + 48..57) -count 4)) -join "" $password = $a + $pass - Sean On Wed, Feb 3, 2016 at 6:36 PM, Michael B. Smith <[email protected]<mailto:[email protected]>> wrote: The maximum entropy you get from Base64 is 2.58 bits per character, kinda by definition( ln2( 6 ) ). Given that your maximum length is 15 digits, that limits you to ~38 bits of entropy. At a thousand guesses a second, that’s about 8 years to brute force. Not bad. However, you’ve GIVEN UP over 10 bits of entropy because of four constant characters, taking you to about 28 bits of entropy. Believe it or not, having constants makes a password far far easier to crack. (This is why the revelation of a non-random non-prime in netcat/socat is such a big deal – it makes Diffie-Helman much much simpler to crack.) That’s about 3 days to brute force. That is completely believable for someone to spend the time/energy to crack. (And remember, the 3 days assumes that your password is the last one checked, out of the entire “password universe” – on average, assume half that.) So, the lesson here is that 15 bytes of base64 is fine (if impossible to remember). But don’t use constants. Evah. From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Sean Martin Sent: Wednesday, February 3, 2016 3:24 PM To: [email protected]<mailto:[email protected]> Subject: [powershell] Random Password Generator I don't get the opportunity to contribute all that often so I thought I would throw this out there in case it helps anyone. I got the method from this article: https://www.scriptjunkie.us/2013/09/secure-random-password-generation/ I modify the resulting password by prepending/appending a couple of special and numerical characters to ensure it meets complexity requirements in my current environment. Easy way to generate a secure password whenever the need arises. Critiques are always welcome. =================================================================== # Generate Random Password $randombytes = new-object byte[] 15 (new-object System.Security.Cryptography.RNGCryptoServiceProvider).GetBytes($randombytes) $pass = [System.Convert]::ToBase64String($randombytes) $password = "&#" + $pass + "82" Write-Host "" Write-Host "Your password is: " -ForeGroundColor Cyan -NoNewLine Write-Host "$Password" -ForeGroundColor Yellow Write-Host "" Write-Host "" Write-Host "Press enter to exit script..." -ForeGroundColor Cyan $Pause = Read-Host Exit ================================================================== - Sean ================================================ Did you know you can also post and find answers on PowerShell in the forums? http://www.myitforum.com/forums/default.asp?catApp=1 ================================================ Did you know you can also post and find answers on PowerShell in the forums? http://www.myitforum.com/forums/default.asp?catApp=1 ================================================ Did you know you can also post and find answers on PowerShell in the forums? http://www.myitforum.com/forums/default.asp?catApp=1 ================================================ Did you know you can also post and find answers on PowerShell in the forums? http://www.myitforum.com/forums/default.asp?catApp=1 ================================================ Did you know you can also post and find answers on PowerShell in the forums? http://www.myitforum.com/forums/default.asp?catApp=1 ================================================ Did you know you can also post and find answers on PowerShell in the forums? http://www.myitforum.com/forums/default.asp?catApp=1 ================================================ Did you know you can also post and find answers on PowerShell in the forums? http://www.myitforum.com/forums/default.asp?catApp=1 ================================================ Did you know you can also post and find answers on PowerShell in the forums? http://www.myitforum.com/forums/default.asp?catApp=1 ================================================ Did you know you can also post and find answers on PowerShell in the forums? http://www.myitforum.com/forums/default.asp?catApp=1 ================================================ Did you know you can also post and find answers on PowerShell in the forums? http://www.myitforum.com/forums/default.asp?catApp=1 ================================================ Did you know you can also post and find answers on PowerShell in the forums? http://www.myitforum.com/forums/default.asp?catApp=1 ================================================ Did you know you can also post and find answers on PowerShell in the forums? http://www.myitforum.com/forums/default.asp?catApp=1
