Code Example : Quick and Easy Password Generator

As part of my new SafePad 1.3 release, I added a simple tool to help users generate passwords. I looked into many ways of generating secure passwords, but in the end I settled on a technique that was very simple, quick to implement, and produces complex to crack random passwords.

Safepad is commonly used as a password vault for storing passwords for multiple sites in one document. The document is then protected with up to 2 passwords. One feature that was requested was that of generating complex passwords straight into a SafePad document.

The solution I picked is demonstrated below. In SafePad, the maximum password length is restricted to 64 characters.

using System;
using System.Security.Cryptography;

namespace HauntedHouseSoftware.SecureNotePad.Tools
{
    public static class PasswordGenerator
    {
        public static string Generate(int passwordLength, bool singleCase)
        {
            if (passwordLength == 0)
            {
                throw new InvalidOperationException("passwordLength");
            }

            string password;

            using (var randomNumberGenerator = new RNGCryptoServiceProvider())
            {
                var randomNumber = new byte[64];
                randomNumberGenerator.GetBytes(randomNumber);

                password = Convert.ToBase64String(randomNumber);
            }

            password = password.Substring(0, passwordLength);

            if (singleCase)
            {
                password = password.ToLower();
            }

            return password;
        }
    }
}

A coding requirement was to generate passwords that where not repeatable, and to do this I used the RNGCryptoServiceProvider class in .NET. I have already discussed using RNGCryptoServiceProvider in a previous article.

The code works by generating a very long random number to fill a 64 byte array. The random number in this array is then Base64 encoded to turn it into a sequence of alpha, numeric, and symbols. Then a password of the desired length is sub-stringed from the front of the longer string. This gives passwords that are nice and random. You can see an example in the screen shot below from SafePad

Generate Passwords to be Inserted into a Document

Generate Passwords to be Inserted into a Document

The actual tool in SafePad generates passwords between 8 and 64 characters long. I hope you find the snippet of code useful. As you can see, this isn’t meant to generate easy to remember, human readable passwords. These are more useful when you want to have different and complex passwords for all your websites and systems, and you are using a password manager to securely store them.

This is just one technique for generating passwords. I would like to hear your thoughts and techniques on the same problem.

One thought on “Code Example : Quick and Easy Password Generator

  1. Andrew Hagel

    Stephen:
    Is it possible to generate passwords containing special characters (such as !,@,#,$, etc.) – to satisfy the requirement of some websites to use those characters?
    Thank you,
    Andrew

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s