PHP: Free password generator code to generate random passwords of varying lengths for web applications

December 5th, 2009

Here is some php script you can use to create a password generator on your server, computer or web site. The html form uses a php action to point back to itself. There is a working version here: Password Generator.

Passwords and userids are hard to create. Being human we tend to follow the path of least resistance. In regard to passwords and userids, we tend to follow distinctive patterns in their creation. Using a password and userid generator enables you to use the strength of a computer to create random passwords and userids.

All this script goes on one page. Open a new file and call it whatever you want as long as it has a .php extension. Here is the form part of the script:

<html>
<body>
<form name="create_password" action=" <?php echo $_SERVER['PHP_SELF']
 ?> " method="post">
<table align="center"><tr><th colspan="2">
Select a length and complexity to create a password.
You <br />can also use this to generate userids, because userids
<br /> should also be unique. NOTE: The passwords are randomly
<br /> generated, so you have the only record.<br />
<i> Make sure you write the password down!</i></th></tr>
<tr><td valign="top" align="left">
<label style="font-weight:bold;text-decoration:underline">Length
</label><br />
<input type="radio" name="length" value="4" >4 characters<br />
<input type="radio" name="length" value="8" >8 characters<br />
<input type="radio" name="length" value="12" checked >12 characters
<br />
<input type="radio" name="length" value="16" >16 characters<br />
<input type="radio" name="length" value="20" >20 characters<br />
</td><td valign="top">
<label style="font-weight:bold;text-decoration:underline">Characters
</label><br />
<input type="radio" name="characters" value='1'>numbers<br />
<input type="radio" name="characters" value="2" >letters<br />
<input type="radio" name="characters" value="3" checked >numbers
and letters<br />
<input type="radio" name="characters" value="4">numbers, letters
and characters<br />
</td></tr><tr><td colspan="2"><input type="submit" name="submit"
value="Get Password">
</form>

Once you have this code pasted into the file with the .php extension it is now time to add the php code that makes this work. Here it is:

<?php
function passwdgen(){
$passlength="";
$characters="";
$mypasswd="";
$mystring="";
$passlength=$_POST['length'];
$characters=$_POST['characters'];
switch ($characters){
case 1:
	while ($passlength){
	$mystring = mt_rand(0,9);
	$mypassword = $mypassword . $mystring;
	$passlength--;
	}
	break;
case 2:
	while ($passlength){
	$letter_array = array("a","b","c","d","e","f","g",
	"h","i","j","k","l","m","n","o","p","q","r","s","t"
	,"u","v","w","x","y","z","A","B","C","D","E","F","G",
	"H","I","J","K","L","M","N","O","P","Q","R","S","T",
	"U","V","W","X","Y","Z");
	$myletterstring = $letter_array[mt_rand(0,52)];
	$mypassword = $mypassword . $myletterstring;
	$passlength--;
	}
	break;
case 3:
while ($passlength){
	$letter_number_array = array("a","b","c","d","e","f","g",
	"h","i","j","k","l","m","n","o","p","q","r","s","t","u",
	"v","w","x","y","z","A","B","C","D","E","F","G","H","I",
	"J","K","L","M","N","O","P","Q","R","S","T","U","V","W",
	"X","Y","Z", "0","1","2","3","4","5","6","7","8","9");
	$myletterandnumberstring =
        $letter_number_array[mt_rand(0,61)];
	$mypassword = $mypassword . $myletterandnumberstring;
	$passlength--;
	}
	break;
case 4:
	while ($passlength){
	$letter_number_character_array = array("a","b","c","d","e"
        ,"f","g","h","i","j","k","l","m","n","o","p","q","r","s","t"
        ,"u","v","w","x","y","z","A","B","C","D","E","F","G","H","I",
	"J","K","L","M","N","O","P","Q","R","S","T","U","V","W",
	"X","Y","Z", "0","1","2","3","4","5","6","7","8","9", "!",
        "#","$","(",")","+","/");
	$myletternumbercharacter =
$letter_number_character_array[mt_rand(0,68)];
	$mypassword = $mypassword . $myletternumbercharacter;
	$passlength--;
	}
	break;
}
return  $mypassword;
}
?>
</td></tr><tr><th colspan="2">
 <?php echo "PASSWORD: " . passwdgen(); ?>
</th></tr></table>
</body>
</html>

Once you have that code pasted under the form script, save the document and open the php file in a web browser and you should be able to start working with generating your own passwords and userids. You will need to change the special characters to ASCII or the PHP interpreter may give you difficulties.

If it does not work make sure you are opening the page on a web server that supports php. With Apache, that might mean moving the file to the /var/www directory on your system and going to localhost/file_name.php.

Enjoy and do not let creating passwords and userid become a problem any more. Here is the link once more for the working version of this script: Password Generator.

As always, please check out this web sites sponsors so we can keep bringing you this information.

Tags: , , , ,
Posted in PHP | Comments Off

Apache: setting up ldap for authentication for Nagios

December 3rd, 2009

We already have LDAP running in my environment. So, with SLES 10 SP3 and Apache here is a quick way to get your web based Nagios application using your LDAP system.

  1. Set up your nagios.conf file under /etc/apache2/conf.d
  2. Add the following lines to the nagios share <Directory> 
       AuthName   LDAP_Auth_Test
   AuthBasicProvider ldap
   AuthzLDAPAuthoritative off
   AuthLDAPBindDN uid=your user name,dc=your domain,dc=com
   AuthLDAPBindPassword  password for your user name
   AuthLDAPURL ldap://ldap.com:389/dc=your value
,dc=your value,dc=com?uid?
  3. Change the permissions on the nagios.conf file to 400 with the Apache user as the owner. The reason is for security and the only user that needs to read the file is Apache. Don’t worry, root will be able to modify the file.
  4. Vi /etc/sysconfig/apache2 and add the following to the APACHE_MODULES section: authnz_ldap ldap
  5. Start Apache and you are finished. When someone connects to the application, they will receive the authentication text box, so they can enter their userid and password before entering the application.

NOTE: Users are only authenticating against the application. Once they leave the web application, they will be required to authenticate against your proxy server. That is considering you are running Nagios internally with apache on the same host.

Enjoy and I hope this helps.

Tags: , ,
Posted in Apache, Nagios | Comments Off

« Older Entries
Newer Entries »