• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 744
  • Last Modified:

random password

i am using this code to generate a random number:
Session["Id"] = new Random().Next(1, 1000);
how can i also include uppercase and or lowercase characters to make it like a random pasword. but it must be unique.

or is there another way to generate a random but unique password and indicate how long it can be in asp.net and classic asp?

  • 3
  • 2
  • 2
  • +5
1 Solution

Hi eaweb

Can't post the code here (i should think it), but you can use:

chr(Random().Next(65,90)) to obtain uppercase random letters
chr(Random().Next(97,122)) to obtain lowercase random letters.
Also, if you use range 65 to 122 you can include some symbols ([\]^_`)
By lowering 65 to 58, you may obtain too: :;<=>?@


Oopss.. it leave me before I've finished.

You should stablish which it's going to be the length of the random password, and iterate through this functions.
You also may do a Select Case from a random 1 to 3, and according to that random, call one of the three options (numbers, lower or uppercase)

Sorry for only giving you the ideas, but I do not have reachable my working framework.
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Mass Dot NetCommented:
What itkamaraj said -- generating a GUID (globally unique ID) is a pretty good way to go.

Jaime OlivaresSoftware ArchitectCommented:
you can build your own function:

public string CreateRandomPassword(int size)
      Random rand = new Random();

      string pass = "";
      for (int i=0; i<size;)
             char val = (char)rand.Next(48,127);
             if (char.IsLetterOrDigit(val))
                  pass += val; i++;
      return pass;

So you can use as:

Session["Id"] = CreateRandomPassword(10);
Mike TomlinsonMiddle School Assistant TeacherCommented:
The author stated:

    "...a random but unique password..."

As the posts have shown thus far, there are MANY ways to generate a random string of characters that can be used as a password.

What has not been addressed is the "UNIQUE" aspect in the requirements.

Unique with respect to what?  Do you have a set of all previously generated passwords that you need to check against to prevent duplicates?

Give us more details...
eawebAuthor Commented:
oh sorry,
i need the generation to be based on globally unique ID.

i need a way to do it in asp.net vb and classic asp vb
use Guid.NewGuid()
this will give a globally unique id every time
this class is a part of dotnet framework
eawebAuthor Commented:
how can i convert the following .net code into classic asp code?

Public Function GetRandomPasswordUsingGUID(ByVal length as Integer) as String  
  'Get the GUID
  Dim guidResult as String = System.Guid.NewGuid().ToString()
  'Remove the hyphens
  guidResult = guidResult.Replace("-", String.Empty)
  'Make sure length is valid
  If length <= 0 OrElse length > guidResult.Length Then
    Throw New ArgumentException("Length must be between 1 and " & guidResult.Length)
  End If
  'Return the first length bytes
  Return guidResult.Substring(0, length)
End Function
In order to ensure uniqueness, you will have to use all 32 characters of the GUID.  If your password is less than the GUID length, you will need to combine the GUID bytes in a way that ensures uniqueness.

Otherwise, you will need to retain/persist the passwords you've generated and do a look-up to ensure uniqueness before issuing a new password.
Mike TomlinsonMiddle School Assistant TeacherCommented:
Right...there isn't any guarantee at all that GUIDs are actually unique.  They don't have any notion of what has been generated before...

The "uniqueness" is simply based on the fact that they are so long that there are literally millions of combinations that can be produced and it is unlikely to generate the same sequence in any short period.

Directly from the documentation:

    "There is a very low probability that the value of the new Guid is all zeroes or equal to any other Guid."

By shortening the length of the value you are decreasing the number of combinations to pick from and increasing the likelihood of a repeat.  The actual probability depends on how often you generate values, how long you need a generated value to remain "unique", and whether you are disposing of the values afterwards or need to persist them so you know they have been used before.

1. What is the big picture for this question?  Why would passwords need to be guaranteed/absolutely unique versus probably unique?

2. How long are these passwords?

3. What kind of character set will comprise these passwords?

4. Are these passwords for use by humans or machines?  (memorability might be important)
PAQ with no refund
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 2
  • 2
  • +5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now