>>>>>I tested this. As Gregory says the likilihood of getting two consecutive identical results is purely statistical. With a password length of 5 I get a duplicate once every 40-150K operations. With a password length of 10 I'm currently past 12,000,000 without a duplicate.
>>>>>I guess it shouldn't be hard to calculate the actual odds - but you get the picture.
>>>>>
>>>>>Even with a 5 character password does having one duplicate per several tens of thousands of instances really present a problem?
>>>>>And you're going to get duplicates anyway - why does the fact that they may be generated consecutively matter?
>>>>
>>>>The issue is not about getting unique values on a long period. It is in regards to an issue I have when I need to include a default value for a username and a password in a page. Thus, I call the same method twice. So, I needed to avoid receiving the same values back.
>>>
>>>Hi,
>>>
>>>So what password length are you using? Even a length of 7 puts the odds at several million to one.
>>>If that's not good enough you could include numbers and/or case sensitive alphas.
>>>But how many users are you expecting and what are the real consequences of generating two identical consecutive passwords?
>>>Do you envisage either party being able to make use of the fact (even if they knew it had occurred)?
>>>IAC, if you really cannot accept consecutive identical values then you have no option except to check them as they are generated.
>>>
>>>Regards,
>>>Viv
>>
>>Dunno Viv, but it seems to me Michel is confusing two different/distinct cases
>>
>>(1) Instantiating Random at each call - if you call the method twice in a short period of time you are almost guaranteed the results will be the same
>>
>>(2) Have a static Random. Calling it again - and the time between two calls does not matter at all - has a (small, very small) probability that the result of the previous call will be equal to the result of the last one
>>
>>As you say - to decrease the odds of two identical passwords in succession
>>- Add lower/upper case
>>- add digits
>>- increase the password size
>>
>>Or test the first passwd char and compare that to the first char of the previous passwd - I posted some code about that
>>
>>I would also drop the 'double consonant' array as it only increases the odds
>
>Agreed. I saw your code - wondered if it might be better to select the first character outside the loop so reducing the checking within it...

Oh well - it's a test for (lnCounter == 0) - not very signficant - and for a passwd of 6 chars or so


>FWIW, I just ran Michel's code on length of 7 and got to 22,283,546 iterations before getting consecutive duplicates. I wouldn't think those sort of odds would be regarded as significant in many scenarios
>

I think a better solution would be to include the username and DateTime() in the seed of Random() - yes not static any more

>Best,
>Viv