When a user on our site loses his password and heads off to the Lost Password page we need to give him a new temporary password. I don't really mind how random this is, or if it matches all the "needed" strong password rules, all I want to do is give them a password that they can change later.
The application is a Web application written in C#. so I was thinking of being mean and going for the easy route of using part of a Guid. i.e.
Guid.NewGuid().ToString("d").Substring(1,8)
Suggesstions? thoughts?
There's always System.Web.Security.Membership.GeneratePassword(int length, int numberOfNonAlphanumericCharacters).
public string CreatePassword(int length)
{
const string valid = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890";
StringBuilder res = new StringBuilder();
Random rnd = new Random();
while (0 < length--)
{
res.Append(valid[rnd.Next(valid.Length)]);
}
return res.ToString();
}
This has a good benefit of being able to choose from a list of available characters for the generated password (e.g. digits only, only uppercase or only lowercase etc.)
The main goals of my code are:
The distribution of strings is almost uniform (don't care about minor deviations, as long as they're small)
It outputs more than a few billion strings for each argument set. Generating an 8 character string (~47 bits of entropy) is meaningless if your PRNG only generates 2 billion (31 bits of entropy) different values.
It's secure, since I expect people to use this for passwords or other security tokens.
The first property is achieved by taking a 64 bit value modulo the alphabet size. For small alphabets (such as the 62 characters from the question) this leads to negligible bias. The second and third property are achieved by using RNGCryptoServiceProvider instead of System.Random.
using System;
using System.Security.Cryptography;
public static string GetRandomAlphanumericString(int length)
{
const string alphanumericCharacters =
"ABCDEFGHIJKLMNOPQRSTUVWXYZ" +
"abcdefghijklmnopqrstuvwxyz" +
"0123456789";
return GetRandomString(length, alphanumericCharacters);
}
public static string GetRandomString(int length, IEnumerable<char> characterSet)
{
if (length < 0)
throw new ArgumentException("length must not be negative", "length");
if (length > int.MaxValue / 8) // 250 million chars ought to be enough for anybody
throw new ArgumentException("length is too big", "length");
if (characterSet == null)
throw new ArgumentNullException("characterSet");
var characterArray = characterSet.Distinct().ToArray();
if (characterArray.Length == 0)
throw new ArgumentException("characterSet must not be empty", "characterSet");
var bytes = new byte[length * 8];
new RNGCryptoServiceProvider().GetBytes(bytes);
var result = new char[length];
for (int i = 0; i < length; i++)
{
ulong value = BitConverter.ToUInt64(bytes, i * 8);
result[i] = characterArray[value % (uint)characterArray.Length];
}
return new string(result);
}
(This is a copy of my answer to How can I generate random 8 character, alphanumeric strings in C#?)
public string GenerateToken(int length)
{
using (RNGCryptoServiceProvider cryptRNG = new RNGCryptoServiceProvider())
{
byte[] tokenBuffer = new byte[length];
cryptRNG.GetBytes(tokenBuffer);
return Convert.ToBase64String(tokenBuffer);
}
}
(You could also have the class where this method lives implement IDisposable, hold a reference to the RNGCryptoServiceProvider, and dispose of it properly, to avoid repeatedly instantiating it.)
It's been noted that as this returns a base-64 string, the output length is always a multiple of 4, with the extra space using = as a padding character. The length parameter specifies the length of the byte buffer, not the output string (and is therefore perhaps not the best name for that parameter, now I think about it). This controls how many bytes of entropy the password will have. However, because base-64 uses a 4-character block to encode each 3 bytes of input, if you ask for a length that's not a multiple of 3, there will be some extra "space", and it'll use = to fill the extra.
If you don't like using base-64 strings for any reason, you can replace the Convert.ToBase64String() call with either a conversion to regular string, or with any of the Encoding methods; eg. Encoding.UTF8.GetString(tokenBuffer) - just make sure you pick a character set that can represent the full range of values coming out of the RNG, and that produces characters that are compatible with wherever you're sending or storing this. Using Unicode, for example, tends to give a lot of Chinese characters. Using base-64 guarantees a widely-compatible set of characters, and the characteristics of such a string shouldn't make it any less secure as long as you use a decent hashing algorithm.
This is a lot larger, but I think it looks a little more comprehensive:
http://www.obviex.com/Samples/Password.aspx
///////////////////////////////////////////////////////////////////////////////
// SAMPLE: Generates random password, which complies with the strong password
// rules and does not contain ambiguous characters.
//
// To run this sample, create a new Visual C# project using the Console
// Application template and replace the contents of the Class1.cs file with
// the code below.
//
// THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND,
// EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED
// WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.
//
// Copyright (C) 2004 Obviex(TM). All rights reserved.
//
using System;
using System.Security.Cryptography;
/// <summary>
/// This class can generate random passwords, which do not include ambiguous
/// characters, such as I, l, and 1. The generated password will be made of
/// 7-bit ASCII symbols. Every four characters will include one lower case
/// character, one upper case character, one number, and one special symbol
/// (such as '%') in a random order. The password will always start with an
/// alpha-numeric character; it will not start with a special symbol (we do
/// this because some back-end systems do not like certain special
/// characters in the first position).
/// </summary>
public class RandomPassword
{
// Define default min and max password lengths.
private static int DEFAULT_MIN_PASSWORD_LENGTH = 8;
private static int DEFAULT_MAX_PASSWORD_LENGTH = 10;
// Define supported password characters divided into groups.
// You can add (or remove) characters to (from) these groups.
private static string PASSWORD_CHARS_LCASE = "abcdefgijkmnopqrstwxyz";
private static string PASSWORD_CHARS_UCASE = "ABCDEFGHJKLMNPQRSTWXYZ";
private static string PASSWORD_CHARS_NUMERIC= "23456789";
private static string PASSWORD_CHARS_SPECIAL= "*$-+?_&=!%{}/";
/// <summary>
/// Generates a random password.
/// </summary>
/// <returns>
/// Randomly generated password.
/// </returns>
/// <remarks>
/// The length of the generated password will be determined at
/// random. It will be no shorter than the minimum default and
/// no longer than maximum default.
/// </remarks>
public static string Generate()
{
return Generate(DEFAULT_MIN_PASSWORD_LENGTH,
DEFAULT_MAX_PASSWORD_LENGTH);
}
/// <summary>
/// Generates a random password of the exact length.
/// </summary>
/// <param name="length">
/// Exact password length.
/// </param>
/// <returns>
/// Randomly generated password.
/// </returns>
public static string Generate(int length)
{
return Generate(length, length);
}
/// <summary>
/// Generates a random password.
/// </summary>
/// <param name="minLength">
/// Minimum password length.
/// </param>
/// <param name="maxLength">
/// Maximum password length.
/// </param>
/// <returns>
/// Randomly generated password.
/// </returns>
/// <remarks>
/// The length of the generated password will be determined at
/// random and it will fall with the range determined by the
/// function parameters.
/// </remarks>
public static string Generate(int minLength,
int maxLength)
{
// Make sure that input parameters are valid.
if (minLength <= 0 || maxLength <= 0 || minLength > maxLength)
return null;
// Create a local array containing supported password characters
// grouped by types. You can remove character groups from this
// array, but doing so will weaken the password strength.
char[][] charGroups = new char[][]
{
PASSWORD_CHARS_LCASE.ToCharArray(),
PASSWORD_CHARS_UCASE.ToCharArray(),
PASSWORD_CHARS_NUMERIC.ToCharArray(),
PASSWORD_CHARS_SPECIAL.ToCharArray()
};
// Use this array to track the number of unused characters in each
// character group.
int[] charsLeftInGroup = new int[charGroups.Length];
// Initially, all characters in each group are not used.
for (int i=0; i<charsLeftInGroup.Length; i++)
charsLeftInGroup[i] = charGroups[i].Length;
// Use this array to track (iterate through) unused character groups.
int[] leftGroupsOrder = new int[charGroups.Length];
// Initially, all character groups are not used.
for (int i=0; i<leftGroupsOrder.Length; i++)
leftGroupsOrder[i] = i;
// Because we cannot use the default randomizer, which is based on the
// current time (it will produce the same "random" number within a
// second), we will use a random number generator to seed the
// randomizer.
// Use a 4-byte array to fill it with random bytes and convert it then
// to an integer value.
byte[] randomBytes = new byte[4];
// Generate 4 random bytes.
RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
rng.GetBytes(randomBytes);
// Convert 4 bytes into a 32-bit integer value.
int seed = BitConverter.ToInt32(randomBytes, 0);
// Now, this is real randomization.
Random random = new Random(seed);
// This array will hold password characters.
char[] password = null;
// Allocate appropriate memory for the password.
if (minLength < maxLength)
password = new char[random.Next(minLength, maxLength+1)];
else
password = new char[minLength];
// Index of the next character to be added to password.
int nextCharIdx;
// Index of the next character group to be processed.
int nextGroupIdx;
// Index which will be used to track not processed character groups.
int nextLeftGroupsOrderIdx;
// Index of the last non-processed character in a group.
int lastCharIdx;
// Index of the last non-processed group.
int lastLeftGroupsOrderIdx = leftGroupsOrder.Length - 1;
// Generate password characters one at a time.
for (int i=0; i<password.Length; i++)
{
// If only one character group remained unprocessed, process it;
// otherwise, pick a random character group from the unprocessed
// group list. To allow a special character to appear in the
// first position, increment the second parameter of the Next
// function call by one, i.e. lastLeftGroupsOrderIdx + 1.
if (lastLeftGroupsOrderIdx == 0)
nextLeftGroupsOrderIdx = 0;
else
nextLeftGroupsOrderIdx = random.Next(0,
lastLeftGroupsOrderIdx);
// Get the actual index of the character group, from which we will
// pick the next character.
nextGroupIdx = leftGroupsOrder[nextLeftGroupsOrderIdx];
// Get the index of the last unprocessed characters in this group.
lastCharIdx = charsLeftInGroup[nextGroupIdx] - 1;
// If only one unprocessed character is left, pick it; otherwise,
// get a random character from the unused character list.
if (lastCharIdx == 0)
nextCharIdx = 0;
else
nextCharIdx = random.Next(0, lastCharIdx+1);
// Add this character to the password.
password[i] = charGroups[nextGroupIdx][nextCharIdx];
// If we processed the last character in this group, start over.
if (lastCharIdx == 0)
charsLeftInGroup[nextGroupIdx] =
charGroups[nextGroupIdx].Length;
// There are more unprocessed characters left.
else
{
// Swap processed character with the last unprocessed character
// so that we don't pick it until we process all characters in
// this group.
if (lastCharIdx != nextCharIdx)
{
char temp = charGroups[nextGroupIdx][lastCharIdx];
charGroups[nextGroupIdx][lastCharIdx] =
charGroups[nextGroupIdx][nextCharIdx];
charGroups[nextGroupIdx][nextCharIdx] = temp;
}
// Decrement the number of unprocessed characters in
// this group.
charsLeftInGroup[nextGroupIdx]--;
}
// If we processed the last group, start all over.
if (lastLeftGroupsOrderIdx == 0)
lastLeftGroupsOrderIdx = leftGroupsOrder.Length - 1;
// There are more unprocessed groups left.
else
{
// Swap processed group with the last unprocessed group
// so that we don't pick it until we process all groups.
if (lastLeftGroupsOrderIdx != nextLeftGroupsOrderIdx)
{
int temp = leftGroupsOrder[lastLeftGroupsOrderIdx];
leftGroupsOrder[lastLeftGroupsOrderIdx] =
leftGroupsOrder[nextLeftGroupsOrderIdx];
leftGroupsOrder[nextLeftGroupsOrderIdx] = temp;
}
// Decrement the number of unprocessed groups.
lastLeftGroupsOrderIdx--;
}
}
// Convert password characters into a string and return the result.
return new string(password);
}
}
/// <summary>
/// Illustrates the use of the RandomPassword class.
/// </summary>
public class RandomPasswordTest
{
/// <summary>
/// The main entry point for the application.
/// </summary>
[STAThread]
static void Main(string[] args)
{
// Print 100 randomly generated passwords (8-to-10 char long).
for (int i=0; i<100; i++)
Console.WriteLine(RandomPassword.Generate(8, 10));
}
}
//
// END OF FILE
///////////////////////////////////////////////////////////////////////////////
I created this class that uses RNGCryptoServiceProvider and it is flexible. Example:
var generator = new PasswordGenerator(minimumLengthPassword: 8,
maximumLengthPassword: 15,
minimumUpperCaseChars: 2,
minimumNumericChars: 3,
minimumSpecialChars: 2);
string password = generator.Generate();
I know that this is an old thread, but I have what might be a fairly simple solution for someone to use. Easy to implement, easy to understand, and easy to validate.
Consider the following requirement:
I need a random password to be generated which has at least 2 lower-case letters, 2 upper-case letters and 2 numbers. The password must also be a minimum of 8 characters in length.
The following regular expression can validate this case:
^(?=\b\w*[a-z].*[a-z]\w*\b)(?=\b\w*[A-Z].*[A-Z]\w*\b)(?=\b\w*[0-9].*[0-9]\w*\b)[a-zA-Z0-9]{8,}$
It's outside the scope of this question - but the regex is based on lookahead/lookbehind and lookaround.
The following code will create a random set of characters which match this requirement:
public static string GeneratePassword(int lowercase, int uppercase, int numerics) {
string lowers = "abcdefghijklmnopqrstuvwxyz";
string uppers = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
string number = "0123456789";
Random random = new Random();
string generated = "!";
for (int i = 1; i <= lowercase; i++)
generated = generated.Insert(
random.Next(generated.Length),
lowers[random.Next(lowers.Length - 1)].ToString()
);
for (int i = 1; i <= uppercase; i++)
generated = generated.Insert(
random.Next(generated.Length),
uppers[random.Next(uppers.Length - 1)].ToString()
);
for (int i = 1; i <= numerics; i++)
generated = generated.Insert(
random.Next(generated.Length),
number[random.Next(number.Length - 1)].ToString()
);
return generated.Replace("!", string.Empty);
}
To meet the above requirement, simply call the following:
String randomPassword = GeneratePassword(3, 3, 3);
The code starts with an invalid character ("!") - so that the string has a length into which new characters can be injected.
It then loops from 1 to the # of lowercase characters required, and on each iteration, grabs a random item from the lowercase list, and injects it at a random location in the string.
It then repeats the loop for uppercase letters and for numerics.
This gives you back strings of length = lowercase + uppercase + numerics into which lowercase, uppercase and numeric characters of the count you want have been placed in a random order.
I'll add another ill-advised answer to the pot.
I have a use case where I need random passwords for machine-machine communication, so I don't have any requirement for human readability. I also don't have access to Membership.GeneratePassword in my project, and don't want to add the dependency.
I am fairly certain Membership.GeneratePassword is doing something similar to this, but here you can tune the pools of characters to draw from.
public static class PasswordGenerator
{
private readonly static Random _rand = new Random();
public static string Generate(int length = 24)
{
const string lower = "abcdefghijklmnopqrstuvwxyz";
const string upper = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
const string number = "1234567890";
const string special = "!##$%^&*_-=+";
// Get cryptographically random sequence of bytes
var bytes = new byte[length];
new RNGCryptoServiceProvider().GetBytes(bytes);
// Build up a string using random bytes and character classes
var res = new StringBuilder();
foreach(byte b in bytes)
{
// Randomly select a character class for each byte
switch (_rand.Next(4))
{
// In each case use mod to project byte b to the correct range
case 0:
res.Append(lower[b % lower.Count()]);
break;
case 1:
res.Append(upper[b % upper.Count()]);
break;
case 2:
res.Append(number[b % number.Count()]);
break;
case 3:
res.Append(special[b % special.Count()]);
break;
}
}
return res.ToString();
}
}
And some example output:
PasswordGenerator.Generate(12)
"pzY=64#-ChS$"
"BG0OsyLbYnI_"
"l9#5^2&adj_i"
"#++Ws9d$%O%X"
"IWhdIN-#&O^s"
To preempt complaints about the use of Random: The primary source of randomness is still the crypto RNG. Even if you could deterministically preordain the sequence coming out of Random (say it only produced 1) you still wouldn't know the next char that would be picked (though that would limit the range of possibilities).
One simple extension would be to add weighting to the different character sets, which could be as simple as upping the max value and adding fall-through cases to increase weight.
switch (_rand.Next(6))
{
// Prefer letters 2:1
case 0:
case 1:
res.Append(lower[b % lower.Count()]);
break;
case 2:
case 3:
res.Append(upper[b % upper.Count()]);
break;
case 4:
res.Append(number[b % number.Count()]);
break;
case 5:
res.Append(special[b % special.Count()]);
break;
}
For a more humanistic random password generator I once implemented a prompt system using the EFF dice-word list.
I don't like the passwords that Membership.GeneratePassword() creates, as they're too ugly and have too many special characters.
This code generates a 10 digit not-too-ugly password.
string password = Guid.NewGuid().ToString("N").ToLower()
.Replace("1", "").Replace("o", "").Replace("0","")
.Substring(0,10);
Sure, I could use a Regex to do all the replaces but this is more readable and maintainable IMO.
For this sort of password, I tend to use a system that's likely to generate more easily "used" passwords. Short, often made up of pronouncable fragments and a few numbers, and with no intercharacter ambiguity (is that a 0 or an O? A 1 or an I?). Something like
string[] words = { 'bur', 'ler', 'meh', 'ree' };
string word = "";
Random rnd = new Random();
for (i = 0; i < 3; i++)
word += words[rnd.Next(words.length)]
int numbCount = rnd.Next(4);
for (i = 0; i < numbCount; i++)
word += (2 + rnd.Next(7)).ToString();
return word;
(Typed right into the browser, so use only as guidelines. Also, add more words).
I created this method similar to the available in the membership provider. This is usefull if you don't want to add the web reference in some applications.
It works great.
public static string GeneratePassword(int Length, int NonAlphaNumericChars)
{
string allowedChars = "abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNOPQRSTUVWXYZ0123456789";
string allowedNonAlphaNum = "!##$%^&*()_-+=[{]};:<>|./?";
Random rd = new Random();
if (NonAlphaNumericChars > Length || Length <= 0 || NonAlphaNumericChars < 0)
throw new ArgumentOutOfRangeException();
char[] pass = new char[Length];
int[] pos = new int[Length];
int i = 0, j = 0, temp = 0;
bool flag = false;
//Random the position values of the pos array for the string Pass
while (i < Length - 1)
{
j = 0;
flag = false;
temp = rd.Next(0, Length);
for (j = 0; j < Length; j++)
if (temp == pos[j])
{
flag = true;
j = Length;
}
if (!flag)
{
pos[i] = temp;
i++;
}
}
//Random the AlphaNumericChars
for (i = 0; i < Length - NonAlphaNumericChars; i++)
pass[i] = allowedChars[rd.Next(0, allowedChars.Length)];
//Random the NonAlphaNumericChars
for (i = Length - NonAlphaNumericChars; i < Length; i++)
pass[i] = allowedNonAlphaNum[rd.Next(0, allowedNonAlphaNum.Length)];
//Set the sorted array values by the pos array for the rigth posistion
char[] sorted = new char[Length];
for (i = 0; i < Length; i++)
sorted[i] = pass[pos[i]];
string Pass = new String(sorted);
return Pass;
}
I've always been very happy with the password generator built-in to KeePass. Since KeePass is a .Net program, and open source, I decided to dig around the code a bit. I ended up just referncing KeePass.exe, the copy provided in the standard application install, as a reference in my project and writing the code below. You can see how flexible it is thanks to KeePass. You can specify length, which characters to include/not include, etc...
using KeePassLib.Cryptography.PasswordGenerator;
using KeePassLib.Security;
public static string GeneratePassword(int passwordLength, bool lowerCase, bool upperCase, bool digits,
bool punctuation, bool brackets, bool specialAscii, bool excludeLookAlike)
{
var ps = new ProtectedString();
var profile = new PwProfile();
profile.CharSet = new PwCharSet();
profile.CharSet.Clear();
if (lowerCase)
profile.CharSet.AddCharSet('l');
if(upperCase)
profile.CharSet.AddCharSet('u');
if(digits)
profile.CharSet.AddCharSet('d');
if (punctuation)
profile.CharSet.AddCharSet('p');
if (brackets)
profile.CharSet.AddCharSet('b');
if (specialAscii)
profile.CharSet.AddCharSet('s');
profile.ExcludeLookAlike = excludeLookAlike;
profile.Length = (uint)passwordLength;
profile.NoRepeatingCharacters = true;
KeePassLib.Cryptography.PasswordGenerator.PwGenerator.Generate(out ps, profile, null, _pool);
return ps.ReadString();
}
I like to look at generating passwords, just like generating software keys. You should choose from an array of characters that follow a good practice. Take what #Radu094 answered with and modify it to follow good practice. Don't put every single letter in the character array. Some letters are harder to say or understand over the phone.
You should also consider using a checksum on the password that was generated to make sure that it was generated by you. A good way of accomplishing this is to use the LUHN algorithm.
public static string GeneratePassword(int passLength) {
var chars = "abcdefghijklmnopqrstuvwxyz##$&ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
var random = new Random();
var result = new string(
Enumerable.Repeat(chars, passLength)
.Select(s => s[random.Next(s.Length)])
.ToArray());
return result;
}
This package allows you to generate a random password while fluently indicating which characters it should contain (if needed):
https://github.com/prjseal/PasswordGenerator/
Example:
var pwd = new Password().IncludeLowercase().IncludeUppercase().IncludeSpecial();
var password = pwd.Next();
If you want to make use of the cryptographically secure random number generation used by System.Web.Security.Membership.GeneratePassword but also want to restrict the character set to alphanumeric characters, you can filter the result with a regex:
static string GeneratePassword(int characterCount)
{
string password = String.Empty;
while(password.Length < characterCount)
password += Regex.Replace(System.Web.Security.Membership.GeneratePassword(128, 0), "[^a-zA-Z0-9]", string.Empty);
return password.Substring(0, characterCount);
}
check this code...
I added the .remove(length) to improve anaximander's response
public string GeneratePassword(int length)
{
using(RNGCryptoServiceProvider cryptRNG = new RNGCryptoServiceProvider();)
{
byte[] tokenBuffer = new byte[length];
cryptRNG.GetBytes(tokenBuffer);
return Convert.ToBase64String(tokenBuffer).Remove(length);
}
}
How to Generate the Random Password in C#.
Output : (https://prnt.sc/11fac8v)
Run : https://onlinegdb.com/HJe5OHBLu
private static Random random = new Random();
public static void Main()
{
Console.WriteLine("Random password with length of 8 character.");
Console.WriteLine("===========================================");
Console.WriteLine("Capital latters : 2");
Console.WriteLine("Number latters : 2");
Console.WriteLine("Special latters : 2");
Console.WriteLine("Small latters : 2");
Console.WriteLine("===========================================");
Console.Write("The Random Password : ");
Console.WriteLine(RandomStringCap(2) + RandomStringNum(2) + RandomStringSpe(2) + RandomStringSml(2));
Console.WriteLine("===========================================");
}
public static string RandomStringCap(int length)
{
const string chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
return new string(Enumerable.Repeat(chars, length)
.Select(s => s[random.Next(s.Length)]).ToArray());
}
public static string RandomStringNum(int length)
{
const string chars = "0123456789";
return new string(Enumerable.Repeat(chars, length)
.Select(s => s[random.Next(s.Length)]).ToArray());
}
public static string RandomStringSml(int length)
{
const string chars = "abcdefghijklmnopqrstuvwxyz";
return new string(Enumerable.Repeat(chars, length)
.Select(s => s[random.Next(s.Length)]).ToArray());
}
public static string RandomStringSpe(int length)
{
const string chars = "!##$%^&*_-=+";
return new string(Enumerable.Repeat(chars, length)
.Select(s => s[random.Next(s.Length)]).ToArray());
}
Pretty easy way to require one from each group using Random and linq-to-objects.
Randomize each group
Select random amount from first group
Select remaining random amounts from following groups
Random rand = new Random();
int min = 8;
int max = 16;
int totalLen = rand.Next(min, max);
int remainingGroups = 4;
string[] allowedLowerChars = "a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z".Split(',');
string [] allowedUpperChars = "A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z".Split(',');
string [] allowedNumbers = "1,2,3,4,5,6,7,8,9,0".Split(',');
string [] allowedSpecialChars = "!,#,#,$,%,&,?".Split(',');
var password = allowedLowerChars.OrderBy(c => rand.Next()).Take(rand.Next(1, totalLen-remainingGroups--)).ToList();
password.AddRange(allowedUpperChars.OrderBy(c => rand.Next()).Take(rand.Next(1, totalLen-password.Count-remainingGroups--)).ToList());
password.AddRange(allowedNumbers.OrderBy(c => rand.Next()).Take(rand.Next(1, totalLen-password.Count-remainingGroups--)).ToList());
password.AddRange(allowedSpecialChars.OrderBy(c => rand.Next()).Take(totalLen-password.Count).ToList());
password = password.OrderBy(c => rand.Next()).ToList(); // randomize groups
Inspired by the answer from #kitsu.eb, but using RandomNumberGenerator instead of Random or RNGCryptoServiceProvider (deprecated in .NET 6), and added a few more special characters.
Optional parameter to exclude characters that will be escaped when using System.Text.Json.JsonSerializer.Serialize - for example & which is escaped as \u0026 - so that you can guarantee the length of the serialized string will match the length of the password.
For .NET Core 3.0 and above.
public static class PasswordGenerator
{
const string lower = "abcdefghijklmnopqrstuvwxyz";
const string upper = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
const string number = "1234567890";
const string special = "!##$%^&*()[]{},.:`~_-=+"; // excludes problematic characters like ;'"/\
const string specialJsonSafe = "!##$%^*()[]{},.:~_-="; // excludes problematic characters like ;'"/\ and &`+
const int lowerLength = 26; // lower.Length
const int upperLength = 26; // upper.Length;
const int numberLength = 10; // number.Length;
const int specialLength = 23; // special.Length;
const int specialJsonSafeLength = 20; // specialJsonSafe.Length;
public static string Generate(int length = 96, bool jsonSafeSpecialCharactersOnly = false)
{
Span<char> result = length < 1024 ? stackalloc char[length] : new char[length].AsSpan();
for (int i = 0; i < length; ++i)
{
switch (RandomNumberGenerator.GetInt32(4))
{
case 0:
result[i] = lower[RandomNumberGenerator.GetInt32(0, lowerLength)];
break;
case 1:
result[i] = upper[RandomNumberGenerator.GetInt32(0, upperLength)];
break;
case 2:
result[i] = number[RandomNumberGenerator.GetInt32(0, numberLength)];
break;
case 3:
if (jsonSafeSpecialCharactersOnly)
{
result[i] = specialJsonSafe[RandomNumberGenerator.GetInt32(0, specialJsonSafeLength)];
}
else
{
result[i] = special[RandomNumberGenerator.GetInt32(0, specialLength)];
}
break;
}
}
return result.ToString();
}
}
Since Random is not secure and RNGCryptoServiceProvider is obsolte I ended up doing this:
// possible characters that password can have
private const string passChars =
"ABCDEFGHIJKLMNOPQRSTUVWXYZ" +
"abcdefghijklmnopqrstuvwxyz" +
"0123456789" +
"!##$%.-_"
;
public static string GetRandomPassword(int length)
{
char[] p = new char[length];
for (int i = 0; i < length; i++)
p[i] = passChars[RandomNumberGenerator.GetInt32(0, passChars.Length)];
return new string(p);
}
Here is a solution that uses RNGCryptoServiceProvider to mimic the functionality of Membership.GeneratePassword from the System.Web.Security namespace.
I needed a drop-in replacement for running it in Azure Function.
It can be tested here:
https://dotnetfiddle.net/V0cNJw
public static string GeneratePassword(int length, int numberOfNonAlphanumericCharacters)
{
const string allowedChars = "abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNOPQRSTUVWXYZ0123456789";
const string nonAlphanumericChars = "!##$%^&*()_-+=[{]};:<>|./?";
var randNum = new byte[4];
using (var rng = new RNGCryptoServiceProvider())
{
rng.GetBytes(randNum);
var randomSeed = BitConverter.ToInt32(randNum, 0);
var random = new Random(randomSeed);
var chars = new char[length];
var allowedCharCount = allowedChars.Length;
var nonAlphanumericCharCount = nonAlphanumericChars.Length;
var numNonAlphanumericCharsAdded = 0;
for (var i = 0; i < length; i++)
{
if (numNonAlphanumericCharsAdded < numberOfNonAlphanumericCharacters && i < length - 1)
{
chars[i] = nonAlphanumericChars[random.Next(nonAlphanumericCharCount)];
numNonAlphanumericCharsAdded++;
}
else
{
chars[i] = allowedChars[random.Next(allowedCharCount)];
}
}
return new string(chars);
}
}
Here is a version that runs on .Net 6.0+
Sandbox: https://dotnetfiddle.net/XqgTSg
public static string GeneratePassword(int length, int numberOfNonAlphanumericCharacters)
{
const string allowedChars = "abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNOPQRSTUVWXYZ0123456789";
const string nonAlphanumericChars = "!##$%^&*()_-+=[{]};:<>|./?";
var randNum = new byte[4];
using (var rng = RandomNumberGenerator.Create())
{
rng.GetBytes(randNum);
var randomSeed = BitConverter.ToInt32(randNum, 0);
var random = new Random(randomSeed);
var chars = new char[length];
var allowedCharCount = allowedChars.Length;
var nonAlphanumericCharCount = nonAlphanumericChars.Length;
var numNonAlphanumericCharsAdded = 0;
for (var i = 0; i < length; i++)
{
if (numNonAlphanumericCharsAdded < numberOfNonAlphanumericCharacters && i < length - 1)
{
chars[i] = nonAlphanumericChars[random.Next(nonAlphanumericCharCount)];
numNonAlphanumericCharsAdded++;
}
else
{
chars[i] = allowedChars[random.Next(allowedCharCount)];
}
}
return new string(chars);
}
}
On my website I use this method:
//Symb array
private const string _SymbolsAll = "~`!##$%^&*()_+=-\\|[{]}'\";:/?.>,<";
//Random symb
public string GetSymbol(int Length)
{
Random Rand = new Random(DateTime.Now.Millisecond);
StringBuilder result = new StringBuilder();
for (int i = 0; i < Length; i++)
result.Append(_SymbolsAll[Rand.Next(0, _SymbolsAll.Length)]);
return result.ToString();
}
Edit string _SymbolsAll for your array list.
Added some supplemental code to the accepted answer. It improves upon answers just using Random and allows for some password options. I also liked some of the options from the KeePass answer but did not want to include the executable in my solution.
private string RandomPassword(int length, bool includeCharacters, bool includeNumbers, bool includeUppercase, bool includeNonAlphaNumericCharacters, bool includeLookAlikes)
{
if (length < 8 || length > 128) throw new ArgumentOutOfRangeException("length");
if (!includeCharacters && !includeNumbers && !includeNonAlphaNumericCharacters) throw new ArgumentException("RandomPassword-Key arguments all false, no values would be returned");
string pw = "";
do
{
pw += System.Web.Security.Membership.GeneratePassword(128, 25);
pw = RemoveCharacters(pw, includeCharacters, includeNumbers, includeUppercase, includeNonAlphaNumericCharacters, includeLookAlikes);
} while (pw.Length < length);
return pw.Substring(0, length);
}
private string RemoveCharacters(string passwordString, bool includeCharacters, bool includeNumbers, bool includeUppercase, bool includeNonAlphaNumericCharacters, bool includeLookAlikes)
{
if (!includeCharacters)
{
var remove = new string[] { "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z" };
foreach (string r in remove)
{
passwordString = passwordString.Replace(r, string.Empty);
passwordString = passwordString.Replace(r.ToUpper(), string.Empty);
}
}
if (!includeNumbers)
{
var remove = new string[] { "0", "1", "2", "3", "4", "5", "6", "7", "8", "9" };
foreach (string r in remove)
passwordString = passwordString.Replace(r, string.Empty);
}
if (!includeUppercase)
passwordString = passwordString.ToLower();
if (!includeNonAlphaNumericCharacters)
{
var remove = new string[] { "!", "#", "#", "$", "%", "^", "&", "*", "(", ")", "-", "_", "+", "=", "{", "}", "[", "]", "|", "\\", ":", ";", "<", ">", "/", "?", "." };
foreach (string r in remove)
passwordString = passwordString.Replace(r, string.Empty);
}
if (!includeLookAlikes)
{
var remove = new string[] { "(", ")", "0", "O", "o", "1", "i", "I", "l", "|", "!", ":", ";" };
foreach (string r in remove)
passwordString = passwordString.Replace(r, string.Empty);
}
return passwordString;
}
This was the first link when I searched for generating random passwords and the following is out of scope for the current question but might be important to consider.
Based upon the assumption that System.Web.Security.Membership.GeneratePassword is cryptographically secure with a minimum of 20% of the characters being Non-Alphanumeric.
Not sure if removing characters and appending strings is considered good practice in this case and provides enough entropy.
Might want to consider implementing in some way with SecureString for secure password storage in memory.
validChars can be any construct, but I decided to select based on ascii code ranges removing control chars. In this example, it is a 12 character string.
string validChars = String.Join("", Enumerable.Range(33, (126 - 33)).Where(i => !(new int[] { 34, 38, 39, 44, 60, 62, 96 }).Contains(i)).Select(i => { return (char)i; }));
string.Join("", Enumerable.Range(1, 12).Select(i => { return validChars[(new Random(Guid.NewGuid().GetHashCode())).Next(0, validChars.Length - 1)]; }))
This is short and it works great for me.
public static string GenerateRandomCode(int length)
{
Random rdm = new Random();
StringBuilder sb = new StringBuilder();
for(int i = 0; i < length; i++)
sb.Append(Convert.ToChar(rdm.Next(101,132)));
return sb.ToString();
}
Here Is what i put together quickly.
public string GeneratePassword(int len)
{
string res = "";
Random rnd = new Random();
while (res.Length < len) res += (new Func<Random, string>((r) => {
char c = (char)((r.Next(123) * DateTime.Now.Millisecond % 123));
return (Char.IsLetterOrDigit(c)) ? c.ToString() : "";
}))(rnd);
return res;
}
Generate random password of specified length with
- Special characters
- Number
- Lowecase
- Uppercase
public static string CreatePassword(int length = 12)
{
const string lower = "abcdefghijklmnopqrstuvwxyz";
const string upper = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
const string number = "1234567890";
const string special = "!##$%^&*";
var middle = length / 2;
StringBuilder res = new StringBuilder();
Random rnd = new Random();
while (0 < length--)
{
if (middle == length)
{
res.Append(number[rnd.Next(number.Length)]);
}
else if (middle - 1 == length)
{
res.Append(special[rnd.Next(special.Length)]);
}
else
{
if (length % 2 == 0)
{
res.Append(lower[rnd.Next(lower.Length)]);
}
else
{
res.Append(upper[rnd.Next(upper.Length)]);
}
}
}
return res.ToString();
}
I use this code for generate password with balance composition of alphabet, numeric and non_alpha_numeric chars.
public static string GeneratePassword(int Length, int NonAlphaNumericChars)
{
string allowedChars = "abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNOPQRSTUVWXYZ0123456789";
string allowedNonAlphaNum = "!##$%^&*()_-+=[{]};:<>|./?";
string pass = "";
Random rd = new Random(DateTime.Now.Millisecond);
for (int i = 0; i < Length; i++)
{
if (rd.Next(1) > 0 && NonAlphaNumericChars > 0)
{
pass += allowedNonAlphaNum[rd.Next(allowedNonAlphaNum.Length)];
NonAlphaNumericChars--;
}
else
{
pass += allowedChars[rd.Next(allowedChars.Length)];
}
}
return pass;
}
Insert a Timer: timer1, 2 buttons: button1, button2, 1 textBox: textBox1, and a comboBox: comboBox1. Make sure you declare:
int count = 0;
Source Code:
private void button1_Click(object sender, EventArgs e)
{
// This clears the textBox, resets the count, and starts the timer
count = 0;
textBox1.Clear();
timer1.Start();
}
private void timer1_Tick(object sender, EventArgs e)
{
// This generates the password, and types it in the textBox
count += 1;
string possible = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890";
string psw = "";
Random rnd = new Random { };
psw += possible[rnd.Next(possible.Length)];
textBox1.Text += psw;
if (count == (comboBox1.SelectedIndex + 1))
{
timer1.Stop();
}
}
private void Form1_Load(object sender, EventArgs e)
{
// This adds password lengths to the comboBox to choose from.
comboBox1.Items.Add("1");
comboBox1.Items.Add("2");
comboBox1.Items.Add("3");
comboBox1.Items.Add("4");
comboBox1.Items.Add("5");
comboBox1.Items.Add("6");
comboBox1.Items.Add("7");
comboBox1.Items.Add("8");
comboBox1.Items.Add("9");
comboBox1.Items.Add("10");
comboBox1.Items.Add("11");
comboBox1.Items.Add("12");
}
private void button2_click(object sender, EventArgs e)
{
// This encrypts the password
tochar = textBox1.Text;
textBox1.Clear();
char[] carray = tochar.ToCharArray();
for (int i = 0; i < carray.Length; i++)
{
int num = Convert.ToInt32(carray[i]) + 10;
string cvrt = Convert.ToChar(num).ToString();
textBox1.Text += cvrt;
}
}
Related
I want to count words and spaces in my string. String looks like this:
Command do something ptuf(123) and bo(1).ctq[5] v:0,
I have something like this so far
int count = 0;
string mystring = "Command do something ptuf(123) and bo(1).ctq[5] v:0,";
foreach(char c in mystring)
{
if(char.IsLetter(c))
{
count++;
}
}
What should I do to count spaces also?
int countSpaces = mystring.Count(Char.IsWhiteSpace); // 6
int countWords = mystring.Split().Length; // 7
Note that both use Char.IsWhiteSpace which assumes other characters than " " as white-space(like newline). Have a look at the remarks section to see which exactly .
you can use string.Split with a space
http://msdn.microsoft.com/en-us/library/system.string.split.aspx
When you get a string array the number of elements is the number of words, and the number of spaces is the number of words -1
if you want to count spaces you can use LINQ :
int count = mystring.Count(s => s == ' ');
This will take into account:
Strings starting or ending with a space.
Double/triple/... spaces.
Assuming that the only word seperators are spaces and that your string is not null.
private static int CountWords(string S)
{
if (S.Length == 0)
return 0;
S = S.Trim();
while (S.Contains(" "))
S = S.Replace(" "," ");
return S.Split(' ').Length;
}
Note: the while loop can also be done with a regex: How do I replace multiple spaces with a single space in C#?
Here's a method using regex. Just something else to consider. It is better if you have long strings with lots of different types of whitespace. Similar to Microsoft Word's WordCount.
var str = "Command do something ptuf(123) and bo(1).ctq[5] v:0,";
int count = Regex.Matches(str, #"[\S]+").Count; // count is 7
For comparison,
var str = "Command do something ptuf(123) and bo(1).ctq[5] v:0,";
str.Count(char.IsWhiteSpace) is 17, while the regex count is still 7.
I've got some ready code to get a list of words in a string:
(extension methods, must be in a static class)
/// <summary>
/// Gets a list of words in the text. A word is any string sequence between two separators.
/// No word is added if separators are consecutive (would mean zero length words).
/// </summary>
public static List<string> GetWords(this string Text, char WordSeparator)
{
List<int> SeparatorIndices = Text.IndicesOf(WordSeparator.ToString(), true);
int LastIndexNext = 0;
List<string> Result = new List<string>();
foreach (int index in SeparatorIndices)
{
int WordLen = index - LastIndexNext;
if (WordLen > 0)
{
Result.Add(Text.Substring(LastIndexNext, WordLen));
}
LastIndexNext = index + 1;
}
return Result;
}
/// <summary>
/// returns all indices of the occurrences of a passed string in this string.
/// </summary>
public static List<int> IndicesOf(this string Text, string ToFind, bool IgnoreCase)
{
int Index = -1;
List<int> Result = new List<int>();
string T, F;
if (IgnoreCase)
{
T = Text.ToUpperInvariant();
F = ToFind.ToUpperInvariant();
}
else
{
T = Text;
F = ToFind;
}
do
{
Index = T.IndexOf(F, Index + 1);
Result.Add(Index);
}
while (Index != -1);
Result.RemoveAt(Result.Count - 1);
return Result;
}
/// <summary>
/// Implemented - returns all the strings in uppercase invariant.
/// </summary>
public static string[] ToUpperAll(this string[] Strings)
{
string[] Result = new string[Strings.Length];
Strings.ForEachIndex(i => Result[i] = Strings[i].ToUpperInvariant());
return Result;
}
In addition to Tim's entry, in case you have padding on either side, or multiple spaces beside each other:
Int32 words = somestring.Split( // your string
new[]{ ' ' }, // break apart by spaces
StringSplitOptions.RemoveEmptyEntries // remove empties (double spaces)
).Length; // number of "words" remaining
using namespace;
namespace Application;
class classname
{
static void Main(string[] args)
{
int count;
string name = "I am the student";
count = name.Split(' ').Length;
Console.WriteLine("The count is " +count);
Console.ReadLine();
}
}
if you need whitespace count only try this.
string myString="I Love Programming";
var strArray=myString.Split(new char[] { ' ' });
int countSpace=strArray.Length-1;
How about indirectly?
int countl = 0, countt = 0, count = 0;
foreach(char c in str)
{
countt++;
if (char.IsLetter(c))
{
countl++;
}
}
count = countt - countl;
Console.WriteLine("No. of spaces are: "+count);
My current project handles large numbers of incoming radio messages (~5M per day) represented as strings that must be then divided into pre-determined sized chunks, ready for storage.
For example, a message will come in the following format:
mzIIIICCssss
Each different char represents a chunk, so this example holds 5 chunks (m, z, IIII, CC, ssss).
An example of a message using the format could be:
.91234NE0001 (., 9, 1234, NE, 0001)
I've used substring so far but have been told this is not as efficient as say regular expressions. If this is the case, how can I use regex to match at char positions, instead of a semantic pattern?
Substring is much faster than a regex. Since all you are trying to do is separate a string into fixed-size chunks, just use Substring.
cHao's comment gave me another idea. You could use the string(char[], int, int) constructor, somewhat like this:
string message = ".91234NE0001";
char[] messageArr = message.ToCharArray();
string chunk1 = new string(messageArr, 0, 1);
string chunk2 = new string(messageArr, 1, 1);
string chunk3 = new string(messageArr, 2, 4);
string chunk4 = new string(messageArr, 6, 2);
string chunk5 = new string(messageArr, 8, 4);
You can probably give the variables better names :)
This is the manual way of doing what Substring is doing. I thought it would be faster than the Substring method, but I was thinking of the wrong approach previously. It will probably be about the same speed.
I think the most efficient that you'll be able to achieve without dropping to native code is with unsafe code.
private static IEnumerable<string> ExtractChunksUnsafe(string format, string data)
{
if(format.Length != data.Length)
throw new ArgumentException("Format length must match Data length");
if(data.Length == 0)
throw new ArgumentException("Invalid Data length");
char prevFormat = '\0';
char currentFormat = format[0];
var chunks = new List<string>();
var builder = new StringBuilder();
unsafe
{
fixed(char * indexer = data)
{
var index = -1;
while(data.Length > ++index)
{
prevFormat = currentFormat;
currentFormat = format[index];
if(currentFormat != prevFormat)
{
chunks.Add(builder.ToString());
builder.Clear();
}
builder.Append((*(indexer + index)));
}
chunks.Add(builder.ToString());
builder.Clear();
}
}
return chunks;
}
Comparison:
private static IEnumerable<string> ExtractChunks(string format, string data)
{
if(format.Length != data.Length)
throw new ArgumentException("Format length must match Data length");
if(data.Length == 0)
throw new ArgumentException("Invalid Data length");
char prevFormat = '\0';
char currentFormat = format[0];
var prevIndex = 0;
var index = 1;
var message = data.ToCharArray();
var chunks = new List<string>();
while(data.Length > index)
{
prevFormat = currentFormat;
currentFormat = format[index];
if(currentFormat != prevFormat)
{
chunks.Add(new string(message, prevIndex, index - prevIndex));
prevIndex = index;
}
index++;
}
chunks.Add(new string(message, prevIndex, index - prevIndex));
return chunks;
}
Sample:
string format = "mzIIIICCssss";
string data = ".a9876NE9001";
var chunks = ExtractChunks(format, data);
foreach(var message in chunks)
{
Console.WriteLine(message);
}
Benchmark:
string format = "mzIIIICCssss";
string data = ".a9876NE9001";
// Warmup CLR
ExtractChunksUnsafe(format, data);
ExtractChunks(format, data);
TimeSpan unsafeCode;
TimeSpan safeCode;
var timer = Stopwatch.StartNew();
for(int i = 0; i < 10000000; i++)
{
ExtractChunksUnsafe(format, data);
}
unsafeCode = timer.Elapsed;
timer.Restart();
for(int i = 0; i < 10000000; i++)
{
ExtractChunks(format, data);
}
safeCode = timer.Elapsed;
timer.Stop();
Console.WriteLine("Unsafe time {0}", unsafeCode);
Console.WriteLine("Safe time {0}", safeCode);
Result:
Unsafe time 00:00:04.8551136
Safe time 00:00:03.1786573
Even modifying the Unsafe body:
unsafe
{
fixed(char * indexer = data)
{
var prevIndex = 0;
var index = 1;
while(data.Length > index)
{
prevFormat = currentFormat;
currentFormat = format[index];
if(currentFormat != prevFormat)
{
chunks.Add(new string(indexer, prevIndex, index - prevIndex));
prevIndex = index;
}
index++;
}
chunks.Add(new string(indexer, prevIndex, index - prevIndex));
}
}
Will still result in slower time Unsafe time 00:00:03.4565302.
Ignoring questions of which solution is most efficient, here is a regex that will match the format given in the question (mzIIIICCssss)
(?<m>.)(?<z>.)(?<IIII>.{4})(?<CC>.{2})(?<ssss>.{4})
This will capture one character in a group called "m", the next character in a group called "z", the next 4 characters in a group called "IIII", the next 2 in "CC", and the next 4 in "ssss".
As far as performance, if the code you have right now isn't fast enough, and you've determined the string handling is the problem by profiling it, then look for faster replacements.
I'm trying to generate a 16 chars random string with NO DUPLICATE CHARS. I thoght that it shouldn't be to hard but I'm stuck.
I'm using 2 methods, one to generate key and another to remove duplicate chars. In main I've created a while loop to make sure that generated string is 16 chars long.
There is something wrong with my logic because it just shoots up 16-char string
with duplicates. Just can't get it right.
The code:
public string RemoveDuplicates(string s)
{
string newString = string.Empty;
List<char> found = new List<char>();
foreach (char c in s)
{
if (found.Contains(c))
continue;
newString += c.ToString();
found.Add(c);
}
return newString;
}
public static string GetUniqueKey(int maxSize)
{
char[] chars = new char[62];
chars =
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890".ToCharArray();
byte[] data = new byte[1];
RNGCryptoServiceProvider crypto = new RNGCryptoServiceProvider();
crypto.GetNonZeroBytes(data);
data = new byte[maxSize];
crypto.GetNonZeroBytes(data);
StringBuilder result = new StringBuilder(maxSize);
foreach (byte b in data)
{
result.Append(chars[b % (chars.Length)]);
}
return result.ToString();
}
string builder = "";
do
{
builder = GetUniqueKey(16);
RemoveDuplicates(builder);
lblDir.Text = builder;
Application.DoEvents();
} while (builder.Length != 16);
Consider implementing shuffle algorithm with which you will shuffle your string with unique characters and then just pick up first 16 characters.
You can do this in-place, by allocating single StringBuffer which will contain your initial data ("abc....") and just use Durstenfeld's version of the algorithm to mutate your buffer, than return first 16 chars.
There are many algorithms for this.
One easy one is:
Fill an array of chars with the available chars.
Shuffle the array.
Take the first N items (where N is the number of characters you need).
Sample code:
using System;
namespace ConsoleApplication2
{
internal class Program
{
private static void Main(string[] args)
{
var chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890".ToCharArray();
Random rng = new Random();
for (int i = 0; i < 10; ++i)
{
string randomString = RandomString(16, chars, rng);
Console.WriteLine(randomString);
}
}
public static string RandomString(int n, char[] chars, Random rng)
{
Shuffle(chars, rng);
return new string(chars, 0, n);
}
public static void Shuffle(char[] array, Random rng)
{
for (int n = array.Length; n > 1; )
{
int k = rng.Next(n);
--n;
char temp = array[n];
array[n] = array[k];
array[k] = temp;
}
}
}
}
const string chars =
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890";
var r = new Random();
var s = new string(chars.OrderBy(x => r.Next()).Take(16).ToArray());
I am using a GUID generation method it itself generates random strings and you can modify it if a number appears in the beginning,
use the code given below:
string guid = System.Guid.NewGuid().ToString("N");
while (char.IsDigit(guid[0]))
guid = System.Guid.NewGuid().ToString("N");
Hope that helps.
See if this helps:
RandomString()
{
string randomStr = Guid.NewGuid().ToString();
randomStr = randomStr.Replace("-", "").Substring(0, 16);
Console.WriteLine(randomStr);
}
This returns alpha-numeric string.
I am using this logic to generate random string. How do I force this to have at least one numeric digit in it?
var charsALL = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
var randomIns = new Random();
var resultGenerated = new string(
Enumerable.Repeat(charsALL, 6)
.Select(stringgen => stringgen[randomIns.Next(stringgen.Length)])
.ToArray());
return resultGenerated.ToString();
var charsALL = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
var randomIns = new Random();
int N = 6;
var rndChars = Enumerable.Range(0, N)
.Select(_ => charsALL[randomIns.Next(charsALL.Length)])
.ToArray();
rndChars[randomIns.Next(rndChars.Length)] = "0123456789"[randomIns.Next(10)];
var randomstr = new String(rndChars);
You can check if it contains a digit with:
while(!resultGenerated.Any(c => Char.IsDigit(c)))
{
// try again until you have a digit
}
I think that the faster solution is insert a random number at a random position into the string:
char[] chars = Enumerable.Repeat( charsALL, 6 )
.Select( stringgen => stringgen[ randomIns.Next( stringgen.Length ) ] )
.ToArray( );
if (!chars.Any(c => Char.IsDigit(c)))
chars[ randomIns.Next( chars.Length ) ] = randomIns.Next( 10 ).ToString( )[ 0 ];
return new string(chars);
You could randomize with the asci codes of a-z, A-Z and 0 -9
public static string GetRandomString(int randomStrLength)
{
Random rand = new Random(DateTime.Now.Millisecond);
char[] randomString = new char[randomStrLength];
int randCode = 0;
bool containsDigit = false;
while (containsDigit == false)
{
for (int i = 0; i < randomStrLength; i++)
{
// Get random asci codes (allowed: a-z, A-Z, 0-9)
do
{
randCode = rand.Next(48, 122);
}
while (randCode > 57 && randCode < 65 || randCode > 90 && randCode < 97);
randomString[i] = (char)randCode;
// We want at least one digit.
if (randCode >= 48 && randCode <= 57)
{
containsDigit = true;
}
}
}
return new String(randomString);
}
generate your random string
generate a random digit between 0 and 9
insert the random digit at a random index of your string.
If that's not random enough for you, than I'm afraid you'll have to stick with Tim's answer.
My version (Tried and Tested) ;)
namespace PasswordGenerator
{
class Program
{
static void Main(string[] args)
{
Console.WriteLine("Your new password is : " + CreateRandomPassword(8));
Console.ReadLine();
}
private static string CreateRandomPassword(int passwordLength)
{
string allowedChars = "abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNOPQRSTUVWXYZ0123456789!#$?_-";
char[] chars = new char[passwordLength];
Random random = new Random();
bool containsNum = false;
do {
for (int i = 0; i < passwordLength; i++)
{
chars[i] = allowedChars[random.Next(0, allowedChars.Length)];
if(Char.IsDigit(chars[i])){
containsNum = true;
}
}
} while(!containsNum);
return new string(chars);
}
}
}
I dont know if this helps but this is my class I use to generate a random string. In my use of it before the string is generated there are checkboxes to decide if it has to have at least 1 upper case/symbols/digit etc. May be long winded for some but it does the job for me.
class RandomString
{
private bool m_HasCaps;
private bool m_HasNumbers;
private bool m_HasSymbols;
private int m_StringLength;
private string characterString;
private string randomString;
//Set possible characters to char array rather than a string for potential future method involving chars
private char[] lower = "abcdefghijklmnopqrstuvwxyz".ToCharArray();
private char[] upper = "ABCDEFGHIJKLMNOPQRSTUVWXYZ".ToCharArray();
private char[] numbers = "0123456789".ToCharArray();
private char[] symbols = "!£$%&()<>[]?#-+=".ToCharArray();
/// <summary>
/// The returned string can contain just lowercase or a mixture of upper, digits and symbols depending on params and
/// the lenght of the string return can also be set
/// </summary>
/// <param name="caps">Does the string need to conatain at least 1 upper case</param>
/// <param name="nums">does the string need to contain at least 1 numeral</param>
/// <param name="symbols">does the string need to contain at least 1 symbol</param>
/// <param name="length">the length of the string to return </param>
public RandomString(bool caps, bool nums,bool symbols,int length)
{
m_HasCaps = caps;
m_HasNumbers = nums;
m_HasSymbols = symbols;
m_StringLength = length;
}
public string CreatePassword()
{
BuildCharacterstring();
BuildRandomString();
return randomString;
}
//Check to see what the string must contain and add those characters to the
//Character string
private void BuildCharacterstring()
{
characterString = new string(lower);
if (m_HasCaps)
{
string upperString = new string(upper);
characterString += upperString;
}
if (m_HasNumbers)
{
string numberString = new string(numbers);
characterString += numberString;
}
if (m_HasSymbols)
{
string symbolString = new string(symbols);
characterString += symbolString;
}
}
//
private void BuildRandomString()
{
Random rdm = new Random();
bool validPassword = false;
while (validPassword == false)
{
//blank the string before each run otherwise you end up with double the characters
randomString = "";
for (int x = 0; x < m_StringLength; x++)
{
//select a char from the password character string
int place = rdm.Next(0, characterString.Length);
char character = characterString[place];
randomString += character;
}
//Check that the password has the appropriate characters
validPassword = CheckParams();
}
}
//checks that each required preference is met and that the string includes at least 1 of what
//is selected. If the parameter is not required ie symbols are not required set it to true to pass
//the test anyway.
private bool CheckParams()
{
bool capsPassed;
bool numeralPassed;
bool symbolPassed;
bool lowerPassed;
//If caps are not required set to true to pass the test automatically
if(m_HasCaps == false)
{
capsPassed = true;
}
else
{
//check if the password contains an uppercase letter
capsPassed = (randomString.Any(char.IsUpper)) ? true : false;
}
if(m_HasNumbers == false)
{
numeralPassed = true;
}
else
{
numeralPassed = (randomString.Any(char.IsDigit)) ? true : false;
}
if(m_HasSymbols == false)
{
symbolPassed = true;
}
else
{
symbolPassed = (randomString.Any(char.IsSymbol)) ? true : false;
}
lowerPassed = (randomString.Any(char.IsLower)) ? true : false;
//All 4 must pass to return true and stop password generation
if (capsPassed && numeralPassed && symbolPassed &&lowerPassed)
{
return true;
}
else
{
return false;
}
}
}
I am making a password generator that generates a random number, then I have it converted to a letter using ascii. Inside the for loop, I need the letters to convert a string instead of a list. It works, but it just displays random letters as a list.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading;
class MainClass
{
static void Main()
{
int x = 1;
int length;
string a = "Press any key to continue";
object num;
while (x == 1)
{
Console.WriteLine("How many Characters would you like the Password to be? (Press -1 to Stop)");
length = Convert.ToInt32(Console.ReadLine());
try
{
for (int i = 0; i < length; i++)
{
int num1 = Number();
Int32 ASCII = num1;
num = (char)num1;
if (length > 0)
{
Console.WriteLine(num);
}
}
}
catch
{
Console.WriteLine(a);
}
if (length == -1)
break;
}
}
static Random _r = new Random();
static int Number()
{
return _r.Next(65, 90); // decimal
}
}
StringBuilder sb = new StringBuilder();
for( int i = 0; i < length; i++ )
{
int num1 = Number();
Int32 ASCII = num1;
num = (char)num1;
sb.Append( num );
}
Console.WriteLine( sb.ToString() );
This isn't how I would build a password nor how I would generate random text, but this will give you a string and answer the original question.
As to how I would do this task:
System.Security.Cryptography.RNGCryptoServiceProvider _crypto = new System.Security.Cryptography.RNGCryptoServiceProvider();
byte[] bytes = new byte[8]; // this array can be larger if desired
_crypto.GetBytes( bytes );
ulong randomNumber = (ulong)BitConverter.ToInt64( bytes, 0 );
// convert to a string with the encoding of your choice; I prefer Base 62
For completeness sake, here's a Base62 algorithm which I use. Base62 has the advantage over the more commonly-used Base64 in that it does not include any special characters so it is easy to use in query strings, HTML, and JavaScript (with a few minor caveats). Of course, passwords shouldn't be used in any of those places, and you may want to include special characters to make a password more complex.
Regardless, here is how I convert random numbers to Base62.
private static readonly char[] _base62Characters = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ".ToCharArray();
public static string ToBase62String( long value )
{
if( value < 0L )
{
throw new ArgumentException( "Number must be zero or greater." );
}
if( value == 0 )
{
return "0";
}
string retVal = "";
while( value > 0 )
{
retVal = _base62Characters[value % 62] + retVal;
value = value / 62;
}
return retVal;
}
Lastly, I want to point out that passwords should very rarely be generated for any purpose, because that means they are being distributed in some form. Passwords should be hashed and salted; password resets should rely on random, expiring security tokens allowing the user a one-time reset. Passwords should never be emailed to a user; passwords should never be stored in plaintext or any reversible format.
For password reset token generation, the code I provided could work nicely because it produces a large, cryptographically random number encoded with a web-safe format. But even a hashed GUID would do the trick in that case.
var sb = new StringBuilder();
for (int i = 0; i < length; i++) {
sb.Append((char)Number());
}
string password = sb.ToString();
Console.WriteLine(password );
But I would change your Number() method to:
private static char GetRandomChar()
{
return (char)_r.Next(65, 90);
}
and then replace the line inside the loop:
sb.Append(GetRandomChar());
//You have to append the values generated by the RandomNumber in to your password variable
class MainClass
{
static void Main()
{
int x = 1;
int length;
string a = "Press any key to continue";
string num=string.Empty;
while (x == 1)
{
Console.WriteLine("How many Characters would you like the Password to be? (Press -1 to Stop)");
length = Convert.ToInt32(Console.ReadLine());
try
{
for (int i = 0; i < length; i++)
{
int num1 = Number();
Int32 ASCII = num1;
num =num+ ((char)num1);
}
Console.WriteLine(num);
}
catch
{
Console.WriteLine(a);
}
if (length == -1)
break;
}
}
static Random _r = new Random();
static int Number()
{
return _r.Next(65, 90); // decimal
}
}
you can try this one
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
namespace PasswordSample
{
class Program
{
static void Main(string[] args)
{
Console.WriteLine("Generated password: {0}", GeneratePassword(12, true));
}
/// <summary>
/// Generate a random password
/// </summary>
/// <param name="pwdLenght">Password lenght</param>
/// <param name="nonAlphaNumericChars">Indicates if password will include non alpha-numeric</param>
/// <returns>Return a password</returns>
private static String GeneratePassword(int pwdLenght, bool nonAlphaNumericChars)
{
// Allowed characters
String allowedChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
if (nonAlphaNumericChars)
{
// Add non-alphanumeric chars
allowedChars += "-&##%!*$?_";
}
char[] passwordChars = new char[pwdLenght];
Random rnd = new Random();
// Generate a random password
for (int i = 0; i < pwdLenght; i++)
passwordChars[i] = allowedChars[rnd.Next(0, allowedChars.Length)];
return new String(passwordChars);
}
}
}
just define a string at near int x...
like
String Password = "";
and in the if statement appent the keyyword.
if (length > 0)
{
Console.WriteLine(num);
Password+=num
}
I found the following post useful when I had to create a method to generate a random password:
https://stackoverflow.com/a/730352/1015289
However, when I wanted to create a short 'validation' style code which would be emailed to a user to confirm their details, I wanted to restrict the validation code to only 8 characters.
For this I used the following:
string validationCoce = Guid.NewGuid().ToString().Substring(0, 8);
This would be stored in a database which also held the users email, both encrypted before being stored for security purposes.
Both the email and validation code were required to validate the users account.
Hope either of the above help?
Kind Regards, Wayne
use Console.Write() instead of Console.WriteLine() otherwise append to some string and print outside the loop