Resource Inspector
There are several resource editing utilities that are freely available, so why another one? Because I have found, in my work as a consultant, that many companies refuse to allow use of such utilities, out of fear that the exe or dll might be accidentally changed, and the change would not be noticed. Resource Inspector is a read-only utility, meaning that the PE file is opened only for read, and cannot be modified in any way.There are many reasons to inspect the resources of a PE file, especially in products that are offered in multiple end-user configurations, or that may include support for several languages. With Resource Inspector, it is easy to check for a particular resource and language id:
Here is the .rc file which created the GIF, PNG and RT_BITMAP types:
///////////////////////////////////////////////////////////////////////////// // // Bitmap // BMPIMAGE BITMAP DISCARDABLE "background.bmp" ///////////////////////////////////////////////////////////////////////////// // // GIF // GIFIMAGE GIF DISCARDABLE "logo.gif" ///////////////////////////////////////////////////////////////////////////// // // PNG // PNGIMAGE PNG DISCARDABLE "logo.png"
many occasions when you need to generate a large number of passwords – for example, when testing online systems. Depending on the software involved, you need to be able to configure the size and content of the passwords; the option to include special symbols (non-alphabetic characters) is especially important.
Microsoft has what they call password complexity requirements:
This security setting determines whether passwords must meet complexity requirements.
If this policy is enabled, passwords must meet the following minimum requirements when they are changed or created:
- Not contain significant portions of the user's account name or full name
- Be at least six characters in length
- Contain characters from three of the following four categories:
- English uppercase characters (A through Z).
- English lowercase characters (a through z).
- Base 10 digits (0 through 9).
- Non-alphabetic characters (for example, !, $, #, %).
The Random Password Generator App
The Random Password Generator allows you to configure the size, number, and content of generated passwords:
The user interface has these options:
- Password length - the number of random characters (lower-case letters and numbers) that will be generated for each password.
- Number of passwords - the number of passwords that will be generated at one time. Even if you only need one password, it's useful to be able to choose from several alternatives.
- Hyphens - if you don't want any hyphen separators, set this to zero. To enhance readability, you can choose to add hyphens. In the screenshot above, the hyphens are inserted after every 4th character.
-
Include special symbols - this allows you to include special symbols, which may be selected with the Select Special Symbols dialog (which uses a larger font to enhance viewability of small symbols):
Implementation Details
In GenerateRandomPassword.cpp, you will find two functions:GenerateRandomPassword(), which assembles N random characters and then inserts hyphens, and GenerateRandomPasswordChar(), which returns a valid random character. The valid random characters I chose are the simplest possible: upper- and lower-case letters and numbers (base 10 digits).
I excluded upper- and lower-case 'O', zero, lower-case l, and 1, since these characters are hard to distinguish in some fonts.
You can optionally specify special symbols.
Here is the function header for GenerateRandomPassword():
// GenerateRandomPassword() // // Purpose: Generate a random password with optional hyphens // // Parameters: nLength - password length in TCHARs; does not // include hyphens. // nHyphen - hyphen insert point; hyphens will be // inserted every nHyphen characters. A 0 // value will suppress hyphen insertion. // bSymbols - TRUE = use special symbols (the valid // special symbols should be included in the // lpszValidCharacters string). // lpszValidCharacters - nul-terminated string that contains all // of the valid characters, including special // symbols (if allowed). // // Returns: CString - password string with embedded hyphens, if // specified // // Notes: All passwords returned by GenerateRandomPassword() will contain // a minimum of one lower-case letter, one upper-case letter, and // one digit. If bSymbols is TRUE, the password will also contain // at least one special symbol. It is up to the caller to ensure // that lpszValidCharacters contains at least one of each of the // character categories that will be expected.
Testing Password Strength
Microsoft has a free password checker that you can use to check how strong a password is.Here is its test of the password abcdefgh:
Adding an upper-case letter gives this:
And adding a number gives this:
A password like Ut95-hj36-eiHa-NQ5q will get the highest score:
References
- Passwords must meet complexity requirements
- Windows Server 2008 Security Guide: Domain Policy Settings
- FIPS 112: Password Usage
- FIPS 181: Automated Password Generator
- Password strength
- Microsoft password checker
Revision History
Version 1.0 - 2009 May 29
- Initial release.
Buy latest version
| Buy XDumpResources license – $20.00 (includes full source code) |