Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
password generation
- Thread starter sauser
- Start date
- Thread starter
- #3
what i mean the following
I have a comma delimited ascii file
just like this
data, data, data, data, blah, blah
what i need is to read that line and generate a password based on that!
I just need help with the password generation algorithm itself.
Thanks
I have a comma delimited ascii file
just like this
data, data, data, data, blah, blah
what i need is to read that line and generate a password based on that!
I just need help with the password generation algorithm itself.
Thanks
HavaTheJut
Programmer
Is this data intended to reproduce the same password upon every generation? Likewise, must the password be broken down into the same data? Do you want the ascii to consist of real words?
- Thread starter
- #5
HavaTheJut
Programmer
One basic idea:
1. Have an alphabetized list of a number of real words (Vector?).
2. Get the index of each of the words.
3. Here's the biggie: do something with those indices that can be reversed.
I would be careful using mod since it might be hard to decrypt (unless you want to consider using keys).
Something to try:
Say you have twenty words in the list and use 3 for the data. The indices are 0-19.
Lets assume
The data: blam, blip, blop
blam -> 8
blip -> 9
blop -> 11
Tack the numbers together so that each is the same number of digits by padding with 0 when necessary.
080911
Convert to hex
0x13C0F
Convert every two bytes to a unicode character or every byte to an ascii character. Using ascii,
// These are obviously not correct
F -> '@'
0 -> ''
C -> 'z'
etc.
Put these ascii characters together and you've got a password that can be broken down into the data again.
1. Have an alphabetized list of a number of real words (Vector?).
2. Get the index of each of the words.
3. Here's the biggie: do something with those indices that can be reversed.
I would be careful using mod since it might be hard to decrypt (unless you want to consider using keys).
Something to try:
Say you have twenty words in the list and use 3 for the data. The indices are 0-19.
Lets assume
The data: blam, blip, blop
blam -> 8
blip -> 9
blop -> 11
Tack the numbers together so that each is the same number of digits by padding with 0 when necessary.
080911
Convert to hex
0x13C0F
Convert every two bytes to a unicode character or every byte to an ascii character. Using ascii,
// These are obviously not correct
F -> '@'
0 -> ''
C -> 'z'
etc.
Put these ascii characters together and you've got a password that can be broken down into the data again.
HavaTheJut
Programmer
Something I just realized about the previous algorithm:
Passwords created by a human do not necessarily correspond to data sequences. For example, mypass3 might break down into indices 12, 34, 3. There might not be 34 words in your list.
You can solve this using mod, but there is a catch. Bear with me.
Take the sequence 12, 34, 3 and take each one mod 20 to get
12, 14, 3
Then convert to the valid data sequence, say 'bonk, bing, bop'
The catch is as follows:
say 12, 14, 3 equates to 'C6&7fG#'
Then, reconstructing the password from the data will give this value and not 'mypass3'
To fix this:
Store only the generated password with each user, e.g. C6&7fG#
When the user logs in with 'mypass3', compute the real password associated with it.
Although this works, multiple passwords will work for each user. (mypass3, TBh#%( , and g4Gqj might all equate to C6&7fG#.)
Then again, this is only the first idea that popped into my head...
-HavaTheJut
Passwords created by a human do not necessarily correspond to data sequences. For example, mypass3 might break down into indices 12, 34, 3. There might not be 34 words in your list.
You can solve this using mod, but there is a catch. Bear with me.
Take the sequence 12, 34, 3 and take each one mod 20 to get
12, 14, 3
Then convert to the valid data sequence, say 'bonk, bing, bop'
The catch is as follows:
say 12, 14, 3 equates to 'C6&7fG#'
Then, reconstructing the password from the data will give this value and not 'mypass3'
To fix this:
Store only the generated password with each user, e.g. C6&7fG#
When the user logs in with 'mypass3', compute the real password associated with it.
Although this works, multiple passwords will work for each user. (mypass3, TBh#%( , and g4Gqj might all equate to C6&7fG#.)
Then again, this is only the first idea that popped into my head...
-HavaTheJut
- Status
Similar threads
- Locked
- Question