Hans Dietrich Software

Announcements

A new Terms of Use has been posted.

Recent Updates

• XCrashReport
  • v2.0 Add exception handling and crash reporting to your app. Now with 64-bit support and SMTP (gmail) send.
• XMessageBox
  • v1.13 Fixes problem with modal behavior.
• XDisplayImage 1.3
  • Lightweight API to display icon, bmp, gif, jpg, and png images without using a third-party library or DLL. Now supports overwriting images with standard Win32 text controls.
• XListCtrl
  • v1.6.6 is here! bug fixes and many new features.

New Additions

• XHexViewCtrl
  • Win32 control to display hex data. Customizable display, including colors, fonts, and scrolling marquee.
• XListBoxCS
  • C# listbox with per-item colors, bold, printf-style formatting, autoscroll, and built-in context menu. Perfect for color-coding log output.
• Resource Inspector
  • View resources contained in any Win32 PE file, including custom types, Win32 types, names, and language id.
• XHTMLCtrl
  • Ultra-lean HTML control to display fonts, colors, hyperlinks, and images. Non-MFC control, can be used in MFC or non-MFC app.
• Random Password Generator
  • Generate multiple passwords of any length. Customizable character set
• XDate
  • Gregorian, ISO, and fiscal date classes, 220 APIs, all in one convenient header file. Non-MFC, may be used in any C++ program.
      • CGregorianDate
      • CIsoDate
      • CFiscalDate
    

Links

• Software Catalog
• Contact Us
• Custom Software
• Recommended Tools
• Terms of Use

Random Password Generator

There are many occasions when you need to generate a large number of passwords – for example, when testing online systems. Depending on the software involved, you need to be able to configure the size and content of the passwords; the option to include special symbols (non-alphabetic characters) is especially important.

Microsoft has what they call password complexity requirements:

The Random Password Generator App

The Random Password Generator allows you to configure the size, number, and content of generated passwords:

The user interface has these options:

• Password length - the number of random characters (lower-case letters and numbers) that will be generated for each password.
• Number of passwords - the number of passwords that will be generated at one time. Even if you only need one password, it's useful to be able to choose from several alternatives.
• Hyphens - if you don't want any hyphen separators, set this to zero. To enhance readability, you can choose to add hyphens. In the screenshot above, the hyphens are inserted after every 4th character.
• Include special symbols - this allows you to include special symbols, which may be selected with the Select Special Symbols dialog (which uses a larger font to enhance viewability of small symbols):

  

Implementation Details

In GenerateRandomPassword.cpp, you will find two functions: GenerateRandomPassword(), which assembles N random characters and then inserts hyphens, and GenerateRandomPasswordChar(), which returns a valid random character. The valid random characters I chose are the simplest possible: upper- and lower-case letters and numbers (base 10 digits). I excluded upper- and lower-case 'O', zero, lower-case l, and 1, since these characters are hard to distinguish in some fonts. You can optionally specify special symbols.

Here is the function header for GenerateRandomPassword():

// GenerateRandomPassword()
//
// Purpose:     Generate a random password with optional hyphens
//
// Parameters:  nLength             - password length in TCHARs; does not
//                                    include hyphens.
//              nHyphen             - hyphen insert point;  hyphens will be
//                                    inserted every nHyphen characters.  A 0
//                                    value will suppress hyphen insertion.
//              bSymbols            - TRUE = use special symbols (the valid 
//                                    special symbols should be included in the
//                                    lpszValidCharacters string).
//              lpszValidCharacters - nul-terminated string that contains all
//                                    of the valid characters, including special
//                                    symbols (if allowed).
//
// Returns:     CString             - password string with embedded hyphens, if
//                                    specified
//
// Notes:       All passwords returned by GenerateRandomPassword() will contain
//              a minimum of one lower-case letter, one upper-case letter, and  
//              one digit.  If bSymbols is TRUE, the password will also contain 
//              at least one special symbol.  It is up to the caller to ensure 
//              that lpszValidCharacters contains at least one of each of the 
//              character categories that will be expected.

Testing Password Strength

Microsoft has a free password checker that you can use to check how strong a password is.

Here is its test of the password abcdefgh:

Adding an upper-case letter gives this:

And adding a number gives this:

A password like Ut95-hj36-eiHa-NQ5q will get the highest score:

References

• Passwords must meet complexity requirements
• Windows Server 2008 Security Guide: Domain Policy Settings
• FIPS 112: Password Usage
• FIPS 181: Automated Password Generator
• Password strength
• Microsoft password checker

Revision History

Version 1.0 - 2009 April 24

• Initial release.

Buy latest version

Buy Random Password Generator license – $20.00 (includes full source code)