[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 658
  • Last Modified:

Need Help With C# Password Generator

We are starting to have too many machines to manage passwords for (Linux machines) and instead of using the same root password for everything, we want to generate passwords based on the following formula:

Seed Text + Fully Qualified Domain Name of Machine = Compliant Password

A compliant password under company policy is basically:
start with a letter (upper or lower case)
have at least 1 upper case letter
have at least 1 lower case letter
have at least 1 number
have at least 1 symbol
be at least 8 characters in length

My goal is to have a small GUI that can generate the same compliant password for a machine if the seed, and FQDN remain a constant.  That way when we are cycling passwords we can just type in a new seed, and be all set.  No more remembering passwords etc...  I have the form designed, and I just need the code to actually generate the password.  I will give the user credit in the About box under their name of choice ;)

Thanks

PS: I am using Visual Studio 2010 Team Edition if that makes any difference.
0
NewMacAdmin
Asked:
NewMacAdmin
  • 5
  • 3
3 Solutions
 
NewMacAdminAuthor Commented:
Correction: A compliant password meets these requirements:
# Password contains at least eight non-blank characters, provided such passwords are allowed by the operating system or application.
# Password contains a combination of letters (a mixture of upper and lowercase), numbers, and at least one special character within the first seven positions, provided such passwords are allowed by the operating system or application.
# Password contains a nonnumeric in the first and last position.
# Password does not contain the user ID.
# Password does not include the user’s own or, to the best of his/her knowledge, close friends or relatives names, employee serial number, Social Security number, birth date, phone number, or any information about him/her that the user believes could be readily learned or guessed.
# Password does not, to the best of the user’s knowledge, include common words that would be in an English dictionary, or from another language with which the user has familiarity.
# Password does not, to the best of the user’s knowledge, employ commonly used proper names, including the name of any fictional character or place.
# Password does not contain any simple pattern of letters or numbers, such as “qwertyxx” or “xyz123xx.”

It still must be derived from the two text boxes containing Seed and FQDN

Thanks
0
 
MathiyazhaganCommented:
I have tried a sample with following constaints :
  1. start with a letter (upper or lower case)
  2.have at least 1 upper case letter
  3.have at least 1 lower case letter
  4.have at least 1 number
  5.have at least 1 symbol
  6.be at least 8 characters in length
  7.generate the same compliant password for a machine if the seed, and FQDN remain a constant
  8.It still must be derived from the  Seed and FQDN values

The given method generates the password base on seed, FQDN and max password length  .you can invoke thise
like,
      sPassword = GetCompliantPassword("may", "chnvsbt0033pc.in002.test.net", 8);

I am not  doing this :
# Password does not include the user’s own or, to the best of his/her knowledge, close friends or relatives names, employee serial number, Social Security number, birth date, phone number, or any information about him/her that the user believes could be readily learned or guessed
# Password does not, to the best of the user’s knowledge, include common words that would be in an English dictionary, or from another language with which the user has familiarity.
# Password does not, to the best of the user’s knowledge, employ commonly used proper names, including the name of any fictional character or place.
- as above all are change to person to person,language to languageand user knowledge.
still tou can do this in invoking place like :

            List<string> lstNotAlowed = new List<string>();
            lstNotAlowed.Add("is123456"); //emp code
            lstNotAlowed.Add("mathiksm"); //use name
            lstNotAlowed.Add("qwertyxx"); //easy password
            lstNotAlowed.Add("admin"); //fictional charcter
            bool isValidPassword = false;
            string sPassword = "";
            while (!isValidPassword)
            {
                sPassword = GetCompliantPassword("may", "chnvsbt0033pc.in002.test.net", 8);
                if (!lstNotAlowed.Contains(sPassword))
                    isValidPassword = true;
              else
              {
                  //change key seed like may0 and call the same method again until get correct password
              }
            }
            Console.WriteLine("Valid Password =" + sPassword);
private string  GetCompliantPassword(string sSeed, string sFQDN, int iMaxLength )
        {
            string newseed = sSeed + sFQDN;
            int iSeed = 0;
            foreach ( char ch  in newseed.ToCharArray() )
            {
                iSeed += ch;
            }
            Random rnd = new Random(iSeed);
            string sPassword = "";
            string sCharactersNotAllowed = ","; //add required charcters needed to be skip
            bool hasUpperCase, hasLowerCase, hasNumber, hasSymbol;
            hasUpperCase = hasLowerCase = hasSymbol = hasNumber = false;
            while (sPassword.Length != iMaxLength)
            {
                char ch = (char)rnd.Next(32, 126);
                if (sCharactersNotAllowed.IndexOf(ch) != -1)
                    continue;
                if (Char.IsUpper(ch) && !hasUpperCase)
                {
                    sPassword += ch;
                    hasUpperCase = true;
                }
                else if (Char.IsLower(ch) && !hasLowerCase)
                {
                    sPassword += ch;
                    hasLowerCase = true;
                }
                else if (sPassword.Length != 0 && sPassword.Length != iMaxLength-1)
                {
                    if (char.IsNumber(ch) && !hasNumber)
                    {
                        sPassword += ch;
                        hasNumber = true;
                    }
                    else if (Char.IsSymbol(ch) && !hasSymbol)
                    {
                        sPassword += ch;
                        hasSymbol = true;
                    }
                }
                if (sPassword.Length == iMaxLength - 1)
                {
                    hasUpperCase = hasLowerCase = false;
                }
                if (hasUpperCase && hasLowerCase && hasSymbol && hasNumber )
                    hasUpperCase = hasLowerCase = hasSymbol = hasNumber = false;
            }
            return sPassword;
        }

Open in new window

0
 
MathiyazhaganCommented:
Oh , Forgot to explain logic in attached sample :

  1.we are creating a string by adding seed and FQDN
  2.we are generating inetger  seed vaue  by adding  ascii value of every character .
         foreach ( char ch  in newseed.ToCharArray() )
                 iSeed += ch;
     and creating random class with above seed
    3. genarating numbers, characters and symbol randomly  using their ascii values from 33 to 126
                char ch = (char)rnd.Next(32, 126);
         error in attcahed code. it should be has 33 as min malue
        refer here for ascii  values :http://ascii-table.com/ascii.php
   4.you can skip some of non os complaint those characted with in above range by adding them
        in   string "sCharactersNotAllowed "
   5. we are adding upper,lower, numbers and symbols as above uptp it meets max length.if we added
    a upper case character , we wont add it again until other types of character (lower, number,symbol) are added.
    we are doing the same all types inorder to get all kind od characters.
   
  6.we are skipping numbers and letters at first and last position


hope this form a required password as per your requirement.
   
 
         
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
NewMacAdminAuthor Commented:
Thanks for the code.  What do lines 42-50 do?
Also what name would you like to appear in the about box?
0
 
NewMacAdminAuthor Commented:
Also the password HAS to START with a letter of any case
0
 
MathiyazhaganCommented:
1.What do lines 42-50 do?
                if (sPassword.Length == iMaxLength - 1)
                {
                    hasUpperCase = hasLowerCase = false;
                }
        we have to skip symbol,numbers at last position. consider Max length = 8 and the generated password upto 7 characters is :  fF5+Nu> here, Uppercase and lowercase are filled and  then hasUpperCase = hasLowerCase  = true. so, it will skip uppper and lower case and we only have the chance of getting number and symbol.to avoid this situation, we have allow upper case and lower case to continue. so, we are making those values to false nad we are getting final password as fF5+Nu>J
            if (hasUpperCase && hasLowerCase && hasSymbol && hasNumber )
                    hasUpperCase = hasLowerCase = hasSymbol = hasNumber = false;
            }
if all the types are filled (all are true ) , we have to generate all those types again.so, we are making them as false.

2.Also the password HAS to START with a letter of any case

yes, it will either upper or lower case character first based on the seed.in our example,
GetCompliantPassword("apr", "chnvsbt0033pc.in002.test.net", 8) gives fF5+Nu>J
GetCompliantPassword("mar", "chnvsbt0033pc.in002.test.net", 8) gives R<s9N^cB

and finally , Also what name would you like to appear in the about box? :)
   Mathiyazhagan.KS

Thank you.
0
 
NewMacAdminAuthor Commented:
Ah ok. I may have misread something.  It is working perfectly.  Now I just need to make it so the software won't run outside our organization. (I have a good handle on that so far.)
0
 
NewMacAdminAuthor Commented:
Worked perfectly.
0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now