Jump to content

Sky Slate Blueberry Blackcurrant Watermelon Strawberry Orange Banana Apple Emerald Chocolate
Photo

Configurable Password Generator


  • Please log in to reply
9 replies to this topic
dinkosta
  • Members
  • 39 posts
  • Last active: Dec 19 2008 07:25 PM
  • Joined: 28 Sep 2005
;;; Author: Dejan Kostic
;;; OS: Windows 98SE
;;; AHK Version: 1.0.40
;;; Date: 27.10.2005

#SingleInstance force 
#NoTrayIcon

Gui,Color, f2f2f2
Gui,add,text,x10 y24 w110,Number of characters:
Gui,add,edit,number x130 y20 w120 voutx,                        ;accepts only numbers
Gui,add,checkbox,vSpecZn x10 y50, &Include special characters   ;ALT+i  activate/deactivate
Gui,Font, S9 Cdefault w600, Verdana
Gui,add,text,x80 y80 w200,Random password:
Gui,Font, S9 Cdefault w500, Arial
Gui,add,edit,limit35 x10 y110 w283 vizl,                        ;limit to 35 characters
Gui,Font, S8 Cdefault w600, Verdana
Gui,add,button,default x79 y146 w56 glup,&OK
Gui,add,button,x153 y146 w83,&Close
Gui,show,center w300 h190,Password Generator
return

lup:
gui,submit,nohide
if outx=
return
if outx>35                                                      
{
MsgBox, Number of characters must not be higher than 35.
return
}
if speczn=1
{
GuiControlGet,brzl,,%outx%
nt:=ploz_sz(outx)
GuiControl,,izl,%nt%
gosub,klip
}
else
{
GuiControlGet,brzl,,%outx%
nt:=ploz(outx)
GuiControl,,izl,%nt%
gosub,klip
}
return

klip:
clipboard=
clipboard=%nt%                                        ;save generated password to clipboard
ClipWait
return

ploz_sz(brzl)
{ 
   spzn=abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890!@#$`%^&*_+?|}{][~/<>-\=©
   StringLen, max, spzn
   Loop 
   { 
      Random, rand, 1, max 
      StringMid, char, spzn, rand, 1 
      IfNotInString, kennw, %char% 
      { 
         kennw = %kennw%%char% 
         if StrLen(kennw)> brzl
            break 
      } 
   } 
   return kennw
} 

ploz(brzl)
{ 
   dozvzn = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890 
      StringLen, max, dozvzn
   Loop 
   { 
      Random, rand, 1, max 
      StringMid, char, dozvzn, rand, 1 
      IfNotInString, kennw, %char% 
      { 
         kennw = %kennw%%char% 
         if StrLen(kennw)> brzl
            break 
      } 
   } 
   return kennw
} 

GuiClose:
GuiEscape:
ButtonClose:
clipboard=                                                   ;empty the clipboard
ExitApp
The user can determine how many characters the password should have and whether to include special characters or not (default is without special characters). The generated password may contain up to 35 characters and will be copied to the clipboard.
In the script I used the function posted by gogogadgetscott and modified it a bit. Perhaps the whole script could be shorter and simpler, but this is what I came up with.
Constructive feedback, bug reports and improvement suggestions (with code example) are welcome.

km_ahk
  • Members
  • 18 posts
  • Last active: May 16 2008 05:15 PM
  • Joined: 23 Oct 2005
Nice script!

But i would add a default ini-Value (make using easier), for example:

Gui,add,edit,number x130 y20 w120 voutx, 8 ;accepts only numbers

And because the string is one char to long you should compare with >=

if StrLen(kennw) >= brzl
regards km

dinkosta
  • Members
  • 39 posts
  • Last active: Dec 19 2008 07:25 PM
  • Joined: 28 Sep 2005
Hi, km_ahk, thank you for the feedback and suggestions.
A default value for the 'Number of characters' field is a good idea. But I think it's not necessary to have an ini file for that purpose, except if you want to have the last used value remembered.
And concerning the >= operator, I'm not sure. As far as I've tested the script, it works equally well with the > and the >= operator.

Laszlo
  • Moderators
  • 4713 posts
  • Last active: Mar 31 2012 03:17 AM
  • Joined: 14 Feb 2005
You could look at also the discussions about the insecurity of the built in random number generator of AHK in here, and an alternative here. As also noted in the first thread, there seems to be no reason to require all letters in the passwords to be different.

dinkosta
  • Members
  • 39 posts
  • Last active: Dec 19 2008 07:25 PM
  • Joined: 28 Sep 2005
Hi, Laszlo.
You are surely right about the security considerations, but I have no idea how to increase the security level of the generated password. Allowing character repetition sounds like a good idea and if that would also increase the password's security level then the script should be adjusted to permit that.

Laszlo
  • Moderators
  • 4713 posts
  • Last active: Mar 31 2012 03:17 AM
  • Joined: 14 Feb 2005
Use RandI() from here

km_ahk
  • Members
  • 18 posts
  • Last active: May 16 2008 05:15 PM
  • Joined: 23 Oct 2005
Hello *,

i have rewritten the script from dinkosta and added an option to get random numbers from www.random.org!
Random.org use "atmospheric noise", picked up by a microphone.
Is that random enough? ;-)

Possible flaws:
The script does not check the data from random.org and so it may show unexpected behavior, if random.org sends garbage.

I use "ccn" to force a reload of the page (to fake IE). This ist not really elegant. I'm not 100% sure, that IE always reads a new page from the server and not a copy from the cache!!??


Chris,

it's possible to add 2 features to "URLDownloadToFile"?

- add an option to force a download from the Internet! (to avoid hassle with "fake IE")
- allow optionally a variable instead of a filename to save the web-data (nice to have...)


;;; dinkosta script - rewritten and added www.random.org: klaus (km_ahk)
;;; get random numbers from www.random.org or from internal random generator
;;; Date: 30.10.2005

#SingleInstance force
#NoTrayIcon

Gui,add,text, x10 y12, Number of characters:
Gui,add,edit, vOutx number y10 w120, 20                          ;accepts only numbers
Gui,add,checkbox, vSpecZn x10 y50, &Include special characters   ;ALT+i  activate/deactivate
Gui,add,checkbox, vUseRandomOrg x10 y70, &Get random numbers from www.random.org ;ALT+g  activate/deactivate
Gui,add,text,x10 y100 w200, Random password (also on Clipboard):
Gui,add,edit, vIzl x10 y120 w280
Gui,add,button, default x79 y150 w56, &OK
Gui,add,button,x153 y150 w83,&Close
Gui,show,center,Password Generator
ccn=99
return

ButtonOK:
    Gui,submit,nohide
    if Outx=
        return
    if (Outx>99 or Outx<1)
    {
        MsgBox, Number of characters must be higher than 0 and not be higher than 99!
        return
    }

    if SpecZn=1
        spzn = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890!"#$&'()*+,-./:;<>=?@_{}|~`%
    else
        spzn = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890

    StringLen, max, spzn
    ccn++                   ;Only to force a reload of the webpage (fake IE)!
    kennw=

    if UseRandomOrg=1       ;get random number from www.random.org
    {
        FileDelete, random.txt
        URLDownloadToFile, http://www.random.org/cgi-bin/randnum?num=%ccn%&min=1&max=%max%&col=1, random.txt
        if ErrorLevel
        {
            MsgBox, Error - no acces to www.random.org!
            kennw=Error
        }
        else
        {
            Loop %Outx%
            {
              FileReadLine, rand, random.txt, A_Index
              StringMid, randomchar, spzn, rand, 1
              kennw = %kennw%%randomchar%
            }
            FileDelete, random.txt
        }
    }
    else                    ;or use internal random generator
    {
        Loop %Outx%
        {
          Random, rand, 1, max
          StringMid, randomchar, spzn, rand, 1
          kennw = %kennw%%randomchar%
        }
    }

    GuiControl,,Izl,%kennw%                                ;show new PW on GUI
    clipboard=
    clipboard=%kennw%                                      ;save generated password to clipboard
    ClipWait, 1
return


GuiClose:
GuiEscape:
ButtonClose:
clipboard=                                                   ;empty the clipboard
ExitApp

Your comments are welcome
regards km

Laszlo
  • Moderators
  • 4713 posts
  • Last active: Mar 31 2012 03:17 AM
  • Joined: 14 Feb 2005

Is that random enough?

Yes, random, but not secure (unless you get the random numbers encrypted). Everybody can see the network packets and so they would know your next password.

Chris
  • Administrators
  • 10727 posts
  • Last active:
  • Joined: 02 Mar 2004
Good point!

it's possible to add 2 features to "URLDownloadToFile"?

- add an option to force a download from the Internet! (to avoid hassle with "fake IE")
- allow optionally a variable instead of a filename to save the web-data (nice to have...)

They would be great to have. I think they're already planned but I'll make sure they're on the to-do list. Thanks.

km_ahk
  • Members
  • 18 posts
  • Last active: May 16 2008 05:15 PM
  • Joined: 23 Oct 2005
Hello,

i'm sorry that i missed that point. I also think, that servers on the track from random.org to my PC could read the data (but not "Everybody", as far as i know).

Thus never use the Option "Get random numbers from www.random.org" for important passwords!
regards km