1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

RFC on my new little project.

Discussion in 'Programming & Webmastering' started by Kreij, Apr 20, 2011.

Thread Status:
Not open for further replies.
  1. Kreij

    Kreij Senior Monkey Moderator Staff Member

    Joined:
    Feb 6, 2007
    Messages:
    13,881 (5.09/day)
    Thanks Received:
    5,615
    Location:
    Cheeseland (Wisconsin, USA)
    I'm writing a little strong password generating program for the fun of it
    Here's a pic of the GUI.
    [​IMG]

    I'm looking for input on options and rules to make it useful for variety of purposes.

    Thanks!!
  2. 3870x2

    3870x2

    Joined:
    Feb 26, 2008
    Messages:
    4,875 (2.08/day)
    Thanks Received:
    689
    Location:
    Joplin, Mo
    interesting enough, we use these programs to generate user passwords for users on secret / top secret networks when they create an account.

    You should try to sell this to the united states army special operations command when you are done with it.
  3. Fourstaff

    Fourstaff Moderator Staff Member

    Joined:
    Nov 29, 2009
    Messages:
    9,158 (5.38/day)
    Thanks Received:
    1,959
    Location:
    Home
    I was thinking about using "seeds", so you can remember your password, and store your "seed" somewhere safe. Whenever you forget your password(s), retrieve the seed, run it pass the program, and insta retrieve! Much safer than storing your actual passwords somewhere. But that sounds like another project.
  4. Kreij

    Kreij Senior Monkey Moderator Staff Member

    Joined:
    Feb 6, 2007
    Messages:
    13,881 (5.09/day)
    Thanks Received:
    5,615
    Location:
    Cheeseland (Wisconsin, USA)
    That's what I had planned. An encrypted file to store the data, unecrypted in the GUI.
    That's easy enough to do.

    But right now I'm just look for input on options/rules. The ones I have show in the GUI are some that I've run across when having to make passwords for various things, and I'm interested in if anyone has seen other options or rules that were required when creating a password.
  5. CStaal New Member

    Joined:
    Dec 11, 2010
    Messages:
    27 (0.02/day)
    Thanks Received:
    3
    How about setting the frequency of uppercase/undercase/numeric and special characters. How many of each do you want to use. Also, an option to set "X" amount of normal characters before a special character is used.
    Kreij says thanks.
  6. Kreij

    Kreij Senior Monkey Moderator Staff Member

    Joined:
    Feb 6, 2007
    Messages:
    13,881 (5.09/day)
    Thanks Received:
    5,615
    Location:
    Cheeseland (Wisconsin, USA)
    Thanks, CStall.

    I was going to make it so there would never be more that 3 consecutive, similar "types" of characters, but your suggestion got me thinking.
    I'm not sure exactly how to implement that as I don't want so many options that the user could potentially make the password less secure through less than judicial use of the options. :/

    I'm also going to make the minimum password length 6, as a password length of 3 would not be considered "strong" by any means. :D

    I added the "Hex Only" option in case someone wants to generate a WEP password.

    I should probably use Unicode characters for localization purposes too.

    I also was going to allow the user to modify the generated password before accepting it.
    That too could potential create a less than secure password, but I can do a "strong check" and warn them before actually committing the password.
  7. 3870x2

    3870x2

    Joined:
    Feb 26, 2008
    Messages:
    4,875 (2.08/day)
    Thanks Received:
    689
    Location:
    Joplin, Mo
    If you can implement a dictionary text file to check against, one of our requirements demands that our passwords do not spell a word, phrase, or a name.
  8. Kreij

    Kreij Senior Monkey Moderator Staff Member

    Joined:
    Feb 6, 2007
    Messages:
    13,881 (5.09/day)
    Thanks Received:
    5,615
    Location:
    Cheeseland (Wisconsin, USA)
    Hmmm ... I should probably then prompt for the username for the site also to check for easily broken derivations of the username.
    Maybe I'll just take away the ability to modify the generated password. :D
    The odds of the generated password being anything like the username or a real word would be virtually none.
  9. Zyon

    Zyon New Member

    Joined:
    Mar 18, 2011
    Messages:
    264 (0.21/day)
    Thanks Received:
    29
    Location:
    Australia
    Or, you could give it a message and tell them to 'remember the password and guard it with your lives' :D
  10. Kreij

    Kreij Senior Monkey Moderator Staff Member

    Joined:
    Feb 6, 2007
    Messages:
    13,881 (5.09/day)
    Thanks Received:
    5,615
    Location:
    Cheeseland (Wisconsin, USA)
    The passwords will be stored in an encrypted file, so they only have to remember one key to access them. Of course, if they forget the key they're up the perverbial creek without a paddle. :D
  11. Kreij

    Kreij Senior Monkey Moderator Staff Member

    Joined:
    Feb 6, 2007
    Messages:
    13,881 (5.09/day)
    Thanks Received:
    5,615
    Location:
    Cheeseland (Wisconsin, USA)
    This is going to be encorporated into my Key-Z project.
    Please use this thread to see what's going on.

Currently Active Users Viewing This Thread: 1 (0 members and 1 guest)

Thread Status:
Not open for further replies.

Share This Page