In the first part of this entry, it was shown how its possible that a password from a normal user would significantly be weaker than that from a complex and randomly generated one.
Note: in the strictest sense, there is no such thing as an uncrackable password. Passwords can be uncrackable only in theory, i.e. the mathematical probability of a password being guessed correctly-- no matter how infinitesimally small the odds are, the possibility of a right guess is always present. Also, passwords are uncrackable only technically-- given enormous resources and time any password can be cracked.
Here is a function for a truly random and complex password generator which is based on …
Skip to the 2nd part for the code snippet.
Its an important matter of security to enforce complex passwords that have a sufficient length. From personal experience, if you ask a normal user to create their own passwords, their passwords will be based on a character set consisting of 36 case-insensitive alphanumeric characters: a-z, 0-9 instead of the full 94 character set typable on all keyboard layouts. Also, most normal users would use dictionary based passwords with a predictable pattern: dictionary words at the beginning and numbers at the end.
Relying solely on the client-side or front-end to enforce the creation of passwords of at least 8 characters long and the use of …
Read part 1 for the rationale behind the code.
As discussed in the first part of this blog entry, we'll be utilizing a statement that uses base 36 to generate the random name. We will be adding the $ and _ characters using the ELT function. Here is a true random database and table name generator:
DELIMITER $$[Read more]
DROP FUNCTION IF EXISTS `randomNameGenerator` $$
CREATE DEFINER=`root`@`localhost` FUNCTION `randomNameGenerator`(
) RETURNS varchar(64) CHARSET utf8
DECLARE numberOfChars, charDiceRoll TINYINT(2);
DECLARE charCount TINYINT DEFAULT 0;
DECLARE randomChar CHAR(1);
DECLARE randomName VARCHAR(64) DEFAULT '';
Skip to part 2 to go straight to the code snippet.
See also a similar generator: Truly Random and Complex Password Generator
Database names and table names have certain restrictions in MySQL:
- The maximum name length for both are 64 characters
- Allowed characters are a-z, A-Z, 0-9, $, and _
It is possible to create a table or database with a dot (.) in its name, however this is not recommended as it will cause some of MySQL's built-in functions to not work as …
A function that can randomly pick an integer from a given range can be used by applications that need a number dice roll and random generation of strings, numbers, and even random generation of complex passwords. Let's say you would like to randomly pick a number from 1 to 10. This gives us 10 choices to randomly pick, not 9 as can be mistakenly thought of since 10 minus 1 equals 9. The same is with the range of choices from 0 to 10. This gives 11 possibilities, not 10. To illustrate:
- The range of choices should include the value of the lower end of the range
- It should …