That is very cool. As much as I appreciate the mention, this is where I came up with the concept:
https://gallery.technet.microsoft.com/scriptcenter/Simple-random-code-b2c9c9c9 - Sean On Fri, Feb 5, 2016 at 5:58 PM, Michael B. Smith <[email protected]> wrote: > Ok. Here is my final version, and I’ll probably blog about it. J Great > stuff. I love these kinds of conversations! > > > > -----start----- > > ## > > ## Create-Password > > ## > > ## February 5, 2016 > > ## michael at TheEssentialExchange dot com > > ## > > ## Based on an idea from Sean Martin > > ## seanmartin14 at gmail dot com > > ## > > > > Param( > > [int] $Length = 20, > > [bool] $AllPrintableAscii = $false > > ) > > > > function range > > { > > Param( > > [char] $start, > > [char] $finish > > ) > > > > [int]$start .. [int]$finish > > } > > > > ## ASCII table: > > ## > https://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters > > > > ## I intentionally exclude <space>, since if a space occurs > as the first > > ## or last character, most password input dialogs will trim > the <space>. > > > > $password = '' > > if( $AllPrintableAscii ) > > { > > $password = ( [char[]]( Get-Random > -InputObject ( 33..126 ) -Count 20 ) ) -Join '' > > } > > else > > { > > $validChars = ( range 'a' 'z' ) + > > ( range 'A' > 'Z' ) + > > ( range '0' > '9' ) + > > ( [char[]] > '!@#$%^&*()' ) > > > > $password = ( [char[]]( Get-Random > -InputObject $validChars -Count 20 ) ) -Join '' > > } > > > > $password > > -----end----- > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Michael B. Smith > *Sent:* Friday, February 5, 2016 9:31 PM > > *To:* [email protected] > *Subject:* RE: [powershell] Random Password Generator > > > > Here is the medium easier-to-understand version: > > > > function range { param( [char]$start, [char]$finish ) [int]$start .. > [int]$finish } > > > > $validChars = ( range 'a' 'z' ) + ( range 'A' 'Z' ) + ( range '0' '9' ) + > ( [char[]] '!@#$%^&*()' ) > > > > ( [char[]]( Get-Random -InputObject $validChars -Count 20 ) ) -Join '' > > > > > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Michael B. Smith > *Sent:* Friday, February 5, 2016 9:16 PM > *To:* [email protected] > *Subject:* RE: [powershell] Random Password Generator > > > > You can do that with this solution as well. > > > > Here is the long version: > > > > $upperCase = 65..90 > > $lowerCase = 97..122 > > $numbers = 48..57 > > $bang = , ( [char] '!' ) > > $splat = , ( [char] '@' ) > > $hash = , ( [char] '#' ) > > $dollar = , ( [char] '$' ) > > $percent = , ( [char] '%' ) > > $carat = , ( [char] '^' ) > > $amp = , ( [char] '&' ) > > $star = , ( [char] '*' ) > > $lparen = , ( [char] '(' ) > > $rparen = , ( [char] ')' ) > > > > $characters = $upperCase + $lowerCase + $numbers + $bang + $splat + $hash > + $dollar + $percent + $carat + $amp + $star + $lparen + $rparen > > > > ( [char[]]( Get-Random -InputObject $characters -Count 20 ) ) -Join '' > > > > Here is the short version: > > > > [char[]] $validChars = 65..90 + 97..122 + 48..57 + ( [char[]] '!@#$%^&*()' > ) > > ( [char[]]( Get-Random -InputObject $validChars -Count 20 ) ) -Join '' > > > > > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Scott Crawford > *Sent:* Friday, February 5, 2016 8:31 PM > *To:* [email protected] > *Subject:* RE: [powershell] Random Password Generator > > > > That’s fantastic. > > > > This had been my solution and I do kinda like seeing the actual valid > characters cuz it makes it easy to edit out quotes or other possible > illegal values. But, it’s tough to beat the elegance of yours when valid > characters aren’t a concern. > > > > $Chars = > "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890!@#$%^&*()" > > $Rand = New-Object System.Random > > For ($i = 1; $i -le 20; $i++) { > > $Password = $Password + $Chars.Substring($Rand.Next(0, > $Chars.Length), 1) > > } > > $Password > > > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Michael B. Smith > *Sent:* Friday, February 5, 2016 7:07 PM > *To:* [email protected] > *Subject:* RE: [powershell] Random Password Generator > > > > Interestingly enough, you can take Get-Random and get an even better > random password. Take a look at this: > > > > ( [char[]]( Get-Random -Input ( 33..126 ) -Count 20 ) ) -Join '' > > > > Great solution using all of the printable ASCII characters (except for the > <space> character). > > > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Michael B. Smith > *Sent:* Thursday, February 4, 2016 3:39 PM > *To:* [email protected] > *Subject:* RE: [powershell] Random Password Generator > > > > That’s very nice. I never would have thought of that application of > Get-Random. > > > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Sean Martin > *Sent:* Thursday, February 4, 2016 10:44 AM > *To:* [email protected] > *Subject:* Re: [powershell] Random Password Generator > > > > You make a good point. How about this? > > > > $randombytes = new-object byte[] 15 > (new-object > System.Security.Cryptography.RNGCryptoServiceProvider).GetBytes($randombytes) > $pass = [System.Convert]::ToBase64String($randombytes) > $a = ([char[]](get-random -input (33..47 + 48..57) -count 4)) -join "" > $password = $a + $pass > > > > - Sean > > > > > > On Wed, Feb 3, 2016 at 6:36 PM, Michael B. Smith <[email protected]> > wrote: > > The maximum entropy you get from Base64 is 2.58 bits per character, kinda > by definition( ln2( 6 ) ). Given that your maximum length is 15 digits, > that limits you to ~38 bits of entropy. At a thousand guesses a second, > that’s about 8 years to brute force. Not bad. > > > > However, you’ve GIVEN UP over 10 bits of entropy because of four constant > characters, taking you to about 28 bits of entropy. Believe it or not, > having constants makes a password far far easier to crack. (This is why the > revelation of a non-random non-prime in netcat/socat is such a big deal – > it makes Diffie-Helman much much simpler to crack.) > > > > That’s about 3 days to brute force. > > > > That is completely believable for someone to spend the time/energy to > crack. (And remember, the 3 days assumes that your password is the last one > checked, out of the entire “password universe” – on average, assume half > that.) > > > > So, the lesson here is that 15 bytes of base64 is fine (if impossible to > remember). But don’t use constants. Evah. > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Sean Martin > *Sent:* Wednesday, February 3, 2016 3:24 PM > *To:* [email protected] > *Subject:* [powershell] Random Password Generator > > > > I don't get the opportunity to contribute all that often so I thought I > would throw this out there in case it helps anyone. > > > I got the method from this article: > https://www.scriptjunkie.us/2013/09/secure-random-password-generation/ > > > > I modify the resulting password by prepending/appending a couple of > special and numerical characters to ensure it meets complexity requirements > in my current environment. > > > > Easy way to generate a secure password whenever the need arises. Critiques > are always welcome. > > > > =================================================================== > > > > # Generate Random Password > > > $randombytes = new-object byte[] 15 > (new-object > System.Security.Cryptography.RNGCryptoServiceProvider).GetBytes($randombytes) > $pass = [System.Convert]::ToBase64String($randombytes) > $password = "&#" + $pass + "82" > > > Write-Host "" > Write-Host "Your password is: " -ForeGroundColor Cyan -NoNewLine > Write-Host "$Password" -ForeGroundColor Yellow > Write-Host "" > Write-Host "" > Write-Host "Press enter to exit script..." -ForeGroundColor Cyan > > > $Pause = Read-Host > > Exit > > > > ================================================================== > > > > - Sean > > > ================================================ > Did you know you can also post and find answers on PowerShell in the > forums? > http://www.myitforum.com/forums/default.asp?catApp=1 > > > ================================================ > Did you know you can also post and find answers on PowerShell in the > forums? > http://www.myitforum.com/forums/default.asp?catApp=1 > > > > > ================================================ > Did you know you can also post and find answers on PowerShell in the > forums? > http://www.myitforum.com/forums/default.asp?catApp=1 > > > ================================================ > Did you know you can also post and find answers on PowerShell in the > forums? > http://www.myitforum.com/forums/default.asp?catApp=1 > > > ================================================ > Did you know you can also post and find answers on PowerShell in the > forums? > http://www.myitforum.com/forums/default.asp?catApp=1 > > > ================================================ > Did you know you can also post and find answers on PowerShell in the > forums? > http://www.myitforum.com/forums/default.asp?catApp=1 > > > ================================================ > Did you know you can also post and find answers on PowerShell in the > forums? > http://www.myitforum.com/forums/default.asp?catApp=1 > > > ================================================ > Did you know you can also post and find answers on PowerShell in the > forums? > http://www.myitforum.com/forums/default.asp?catApp=1 > > ================================================ > Did you know you can also post and find answers on PowerShell in the > forums? > http://www.myitforum.com/forums/default.asp?catApp=1 > ================================================ Did you know you can also post and find answers on PowerShell in the forums? http://www.myitforum.com/forums/default.asp?catApp=1
