Beefy Boxes and Bandwidth Generously Provided by pair Networks DiBona
laziness, impatience, and hubris
 
PerlMonks  

Password (pseudo)casual

by cisco88 (Sexton)
on Jan 23, 2013 at 15:03 UTC ( #1014922=perlquestion: print w/ replies, xml ) Need Help??
cisco88 has asked for the wisdom of the Perl Monks concerning the following question:

Hi all,
I wrote this simple code to create a password.

perl -e '@lett = (a..z); $len = "$#lett"; foreach (1..20) {print $lett[rand($len) % $len + 3 ];} print "\n";'

Given that I only read half chapter 1 of "Programming in Perl" and maybe more complex solutions aren't yet in my grasp.. how you'd do it?

Thanks and have a good day.

-- Luca Francesca
<luca.francesca@ciscoland.eu>
SysAdmin/Integrator
@
Vodafone Italy & Ntt Data

Comment on Password (pseudo)casual
Download Code
Re: Password (pseudo)casual
by Corion (Pope) on Jan 23, 2013 at 15:19 UTC

    Your generator cannot generate a password with the letters a, b or c due to the +3 when selecting the random letter. See rand, which already returns a number in the range from 0..$len.

    The variable $len is named wrong - it has the last index of @lett, not the number of elements in the array. This means that your password generator would never output the last element from @lett if it weren't for the + 3 from the previous step. I would use:

    $len = @lett;

    ... which assigns to $len the number of elements in @lett.

    Other than that, using double quotes in a simple assignment is weird unless you have a special reason to do so - and if you are starting with Perl just now, those special reasons ("stringification") are still far away. So, no assignment should be of the form

    $foo = "$bar";

    and always of the form

    $foo = $bar;
      Thanks.
      The use of "$.." comes from the bash programming.
      Thinking about what you said made me realize that, indeed, the +3 is more damage than else.
      -- Luca Francesca <luca.francesca@ciscoland.eu> SysAdmin/Integrator @ Vodafone Italy & Ntt Data
Re: Password (pseudo)casual
by Athanasius (Prior) on Jan 23, 2013 at 15:39 UTC

    Hello cisco88, and welcome to the Monastery!

    In addition to the excellent points made by Corion...

    It’s always a good idea to:

    use strict; use warnings;

    in any Perl script. For one-liners, you can do:

    perl -Mstrict -we ...

    to get the same benefit. In this case, warnings would have given you messages of the form:

    Use of uninitialized value in print...

    which arise because the expression rand($len) % $len + 3 sometimes generates array indexes beyond the end of the @lett array.

    Get in the habit of always using strict and warnings now, and you will save yourself a lot of time and grief in the future!

    Hope that helps,

    Athanasius <°(((><contra mundum Iustus alius egestas vitae, eros Piratica,

      Thanks for the tips and the welcome.
      Il surely use them. The more I can fix at firts writing, the better it is :)
      -- Luca Francesca
      <luca.francesca@ciscoland.eu>

      SysAdmin/Integrator
      @
      Vodafone Italy & Ntt Data
Re: Password (pseudo)casual
by davido (Archbishop) on Jan 23, 2013 at 18:04 UTC

    It looks like you're trying to get a 20-character random password generated using the characters from 'a' through 'z'. Here's a solution that uses Bytes::Random::Secure:

    perl -MBytes::Random::Secure=random_string_from -E 'say random_string_ +from( join("", "a" .. "z" ), 20 );'

    Bytes::Random::Secure uses Math::Random::ISAAC as the Random Number Generator, and relies on Crypt::Random::Source to generate a strong seed for the ISAAC generator. The random_string_from function takes care to be free from modulo bias regardless of source string length.

    The current release of Bytes::Random::Secure on CPAN has a sort of hefty dependency chain due to its use of Crypt::Random::Source. The next release (due out in a few days) will replace Crypt::Random::Source with Dana Jacobsen's new Crypt::Random::Seed, which is designed to some degree with Bytes::Random::Secure in mind. It has core-only dependencies, provides better fall-backs and portability than Crypt::Random::Source. The next version of Bytes::Random::Secure (watch for v0.20) will also provide an OO interface alongside the functions interface for times when the user requires more control over how ISAAC is seeded.


    Dave

      Thanks :)
      -- Luca Francesca
      <luca.francesca@ciscoland.eu>
      SysAdmin/Integrator
      @
      Vodafone Italy & Ntt Data
Re: Password (pseudo)casual
by karlgoethebier (Deacon) on Jan 24, 2013 at 19:29 UTC

    Just a variation on this theme using the buildin features:

    #!/usr/bin/perl + use strict; use warnings; my ( @l, @u, @n, @s, @p, $i, $j ); open( URANDOM, "</dev/urandom" ) || die $!; read( URANDOM, $_, 4 ); close URANDOM; srand( unpack( "L", $_ ) ); @l = ( "a" .. "z" ); @u = ( "A" .. "Z" ); # @n = ( 0 .. 9 ); + # @s = ( + # '#', ',', ' ', + # qw( ! " $ % & ' ( ) * + - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~ + ) # ); + push( @p, splice( @l, int( rand(@l) ), 1 ) ) for ( 1 .. 10 ); push( @p, splice( @u, int( rand(@u) ), 1 ) ) for ( 1 .. 10 ); # push( @p, splice( @l, int( rand(@l) ), 1 ) ) for ( 1 .. 3 ); + # push( @p, splice( @u, int( rand(@u) ), 1 ) ) for ( 1 .. 3 ); + # push( @p, splice( @n, int( rand(@n) ), 1 ) ) for ( 1 .. 2 ); + # push( @p, splice( @s, int( rand(@s) ), 1 ) ) for ( 1 .. 2 ); + for ( $i = @p ; --$i ; ) { $j = int( rand( $i + 1 ) ); next if $i == $j; @p[ $i, $j ] = @p[ $j, $i ]; } print join( "", @p ) . qq(\n); __END__

    Regards, Karl

    «The Crux of the Biscuit is the Apostrophe»

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://1014922]
Front-paged by Lotus1
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others making s'mores by the fire in the courtyard of the Monastery: (8)
As of 2014-04-17 06:49 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    April first is:







    Results (440 votes), past polls