GeneratePassword Demo
This demo illustrates how to use the code for ASP.NET 2.0's
Membership.GeneratePassword(length, numberOfNonAlphaNumericCharacters)
method in ASP.NET 1.x. I 'borrowed' this code from the 2.0 .NET Framework using Reflector.
One thing to note - numberOfNonAlphaNumericCharacters is the minimum number of non-alphanumeric characters.
Even if you specify, say, 3 non-alphanumeric characters, there may be 3 or more in the resulting, random password...
Note: I tweaked the GetPassword() method in that I removed some of the potentially dangerous non-alphanumeric
characters (namely # and &). ASP.NET 2.0 does a check to ensure that the randomly generated password
can't be used in a cross-site scripting attack, and the characters it checks for is <, #, and
&. I just removed these to avoid needing to include the code for the XSS check...
Source Code
<script language="VB" runat="server">
Function GeneratePassword(ByVal length As Integer, ByVal numberOfNonAlphanumericCharacters As Integer) As String
'Make sure length and numberOfNonAlphanumericCharacters are valid....
If ((length < 1) OrElse (length > 128)) Then
Throw New ArgumentException("Membership_password_length_incorrect")
End If
If ((numberOfNonAlphanumericCharacters > length) OrElse (numberOfNonAlphanumericCharacters < 0)) Then
Throw New ArgumentException("Membership_min_required_non_alphanumeric_characters_incorrect")
End If
Do While True
Dim i As Integer
Dim nonANcount As Integer = 0
Dim buffer1 As Byte() = New Byte(length - 1) {}
'chPassword contains the password's characters as it's built up
Dim chPassword As Char() = New Char(length - 1) {}
'chPunctionations contains the list of legal non-alphanumeric characters
Dim chPunctuations as Char() = "!@@$%^^*()_-+=[{]};:>|./?".ToCharArray()
'Get a cryptographically strong series of bytes
Dim rng as New System.Security.Cryptography.RNGCryptoServiceProvider
rng.GetBytes(buffer1)
For i = 0 To length - 1
'Convert each byte into its representative character
Dim rndChr As Integer = (buffer1(i) Mod 87)
If (rndChr < 10) Then
chPassword(i) = Convert.ToChar(Convert.ToUInt16(48 + rndChr))
Else
If (rndChr < 36) Then
chPassword(i) = Convert.ToChar(Convert.ToUInt16((65 + rndChr) - 10))
Else
If (rndChr < 62) Then
chPassword(i) = Convert.ToChar(Convert.ToUInt16((97 + rndChr) - 36))
Else
chPassword(i) = chPunctuations(rndChr - 62)
nonANcount += 1
End If
End If
End If
Next
If nonANcount < numberOfNonAlphanumericCharacters Then
Dim rndNumber As New Random
For i = 0 To (numberOfNonAlphanumericCharacters - nonANcount) - 1
Dim passwordPos As Integer
Do
passwordPos = rndNumber.Next(0, length)
Loop While Not Char.IsLetterOrDigit(chPassword(passwordPos))
chPassword(passwordPos) = chPunctuations(rndNumber.Next(0, chPunctuations.Length))
Next
End If
Return New String(chPassword)
Loop
End Function
'Button's Click event handler...
Private Sub GeneratePassword(sender as Object, e as EventArgs)
RandPassword.Text = GeneratePassword(length.SelectedItem.Value, nonAlphanumeric.SelectedItem.Value)
End Sub
</script>
<form runat="server">
Choose the length of the password:
<asp:DropDownList runat="server" id="length">
<asp:ListItem Value="5">5</asp:ListItem>
<asp:ListItem Value="8">8</asp:ListItem>
<asp:ListItem Value="10">10</asp:ListItem>
<asp:ListItem Value="13">13</asp:ListItem>
<asp:ListItem Value="15">15</asp:ListItem>
</asp:DropDownList>
<p>
Choose the <i>minimum</i> number of non-alphanumeric characters you'd like to see:
<asp:DropDownList runat="server" id="nonAlphanumeric">
<asp:ListItem Value="0">0</asp:ListItem>
<asp:ListItem Value="1">1</asp:ListItem>
<asp:ListItem Value="3">3</asp:ListItem>
<asp:ListItem Value="5">5</asp:ListItem>
<asp:ListItem Value="7">7</asp:ListItem>
</asp:DropDownList>
<p>
<asp:Button runat="server" Text="Generate Random Password" OnClick="GeneratePassword" />
<p>
Your random password: <asp:Label runat="server" id="RandPassword" Font-Size="x-large" Font-Bold="True" />
</form>
|
[Return to the article...]