Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Generate same password in the same second
Message
From
12/11/2008 03:36:30
Gregory Adam
Belgium
 
 
To
12/11/2008 03:13:16
Viv Phillips
Hay-On-Wye, United Kingdom
General information
Forum:
ASP.NET
Category:
Coding, syntax and commands
Title:
Re: Generate same password in the same second
Environment versions
Environment:
VB 8.0
OS:
Windows XP SP2
Network:
Windows 2003 Server
Database:
Visual FoxPro
Miscellaneous
Thread ID:
01360833
Message ID:
01361246
Views:
15
>>>I tested this. As Gregory says the likilihood of getting two consecutive identical results is purely statistical. With a password length of 5 I get a duplicate once every 40-150K operations. With a password length of 10 I'm currently past 12,000,000 without a duplicate.
>>>I guess it shouldn't be hard to calculate the actual odds - but you get the picture.
>>>
>>>Even with a 5 character password does having one duplicate per several tens of thousands of instances really present a problem?
>>>And you're going to get duplicates anyway - why does the fact that they may be generated consecutively matter?
>>
>>The issue is not about getting unique values on a long period. It is in regards to an issue I have when I need to include a default value for a username and a password in a page. Thus, I call the same method twice. So, I needed to avoid receiving the same values back.
>
>Hi,
>
>So what password length are you using? Even a length of 7 puts the odds at several million to one.
>If that's not good enough you could include numbers and/or case sensitive alphas.
>But how many users are you expecting and what are the real consequences of generating two identical consecutive passwords?
>Do you envisage either party being able to make use of the fact (even if they knew it had occurred)?
>IAC, if you really cannot accept consecutive identical values then you have no option except to check them as they are generated.
>
>Regards,
>Viv

Dunno Viv, but it seems to me Michel is confusing two different/distinct cases

(1) Instantiating Random at each call - if you call the method twice in a short period of time you are almost guaranteed the results will be the same

(2) Have a static Random. Calling it again - and the time between two calls does not matter at all - has a (small, very small) probability that the result of the previous call will be equal to the result of the last one

As you say - to decrease the odds of two identical passwords in succession
- Add lower/upper case
- add digits
- increase the password size

Or test the first passwd char and compare that to the first char of the previous passwd - I posted some code about that

I would also drop the 'double consonant' array as it only increases the odds
Gregory
Previous
Next
Reply
Map
View

Click here to load this message in the networking platform