Beefy Boxes and Bandwidth Generously Provided by pair Networks
There's more than one way to do things
 
PerlMonks  

Re: ??Mnemonic Passwords??

by Trimbach (Curate)
on Jan 02, 2003 at 00:01 UTC ( #223648=note: print w/replies, xml ) Need Help??


in reply to ??Mnemonic Passwords??

There's a couple of ways to do this. One way is to simply concatenate the pair of letters onto a scalar variable during the loop, and then "encrypt" the scalar when you're done, like:
my $password; for($i = 1; $i <= 4;$i++){ $password .= $c[int(rand(20))] . $v[int(rand(5))]); } my $encrypted_pass = encryption($password);
..and that's it. Note the "." between the two characters, replacing the comma when you were printing the values to the screen. Hope this helps. :-)

Gary Blackburn
Trained Killer

Replies are listed 'Best First'.
Re: Re: ??Mnemonic Passwords??
by djantzen (Priest) on Jan 02, 2003 at 00:40 UTC

    (Note: for some reason I'm getting logged out when trying to reply to the parent node of this thread, so this isn't really a reply to Trimbach :) What you need is to make sure you are adding your characters to a variable defined in an enclosing scope of your loop. This can be either a global/dynamic variable, or better, a lexical just like Trimbach's example. See What's a reference? What's a variable? What's scope? for an excellent recent discussion. Also, you can skip a step in your array initializations like so:

    my @c = qw/b c d f g .../; my @v = qw/a e i o u/;

    That said, I hope these passwords aren't going to be protecting anything of importance, because they are very weak. The central problem is that there is little entropy, or true randomness, involved in the password generation. Using the current time as a seed is a common technique, but if an attacker determines the clock setting on your server, all of your entropy is gone, and it's just a matter of feeding input values into various functions to find out how you are generating passwords. The fact that you've got alternating consonants and values gives an attacker an easy start.

    Secondly, the "encryption" function is virtually useless because it's a simplistic and static translation. Take a look at the builtin crypt for a good, oneway encryption function.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://223648]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others meditating upon the Monastery: (2)
As of 2021-10-24 20:03 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    My first memorable Perl project was:







    Results (89 votes). Check out past polls.

    Notices?