Generating 10-character passwords, with 3-6 digits and 3-6 uppercase letters, in C++Generating Passwords with a Secure PRNGGenerating character permutationsAdd spaces before uppercase lettersApp for generating passwordsGenerating simple and complex passwordsGenerating XKCD passwordsAlternate letters to UpperCaseGenerating a very long random string of lettersConvert uppercase characters to lowercase and insert a space where each uppercase character used to beCounting lowercase and uppercase letters in a string in Python

Probability of taking balls without replacement from a bag question

Can I bring back Planetary Romance as a genre?

How can I make parentheses stick to formula?

What replaces x86 intrinsics for C when Apple ditches Intel CPUs for their own chips?

Does STATISTICS IO output include Version Store reads?

How do I minimise waste on a flight?

How to avoid making self and former employee look bad when reporting on fixing former employee's work?

Can the president of the United States be guilty of insider trading?

Are double contractions formal? Eg: "couldn't've" for "could not have"

Is it a good idea to copy a trader when investing?

Why is it wrong to *implement* myself a known, published, widely believed to be secure crypto algorithm?

TeX Gyre Pagella Math Integral sign much too small

Why should password hash verification be time consistent?

Gift for mentor after his thesis defense?

Why is valarray so slow on VS2015?

Why does the electron wavefunction not collapse within atoms at room temperature in gas, liquids or solids due to decoherence?

Examples where existence is harder than evaluation

Has everyone forgotten about wildfire?

Using wilcox.test() and t.test() in R yielding different p-values

if i accidentally leaked my schools ip address and someone d doses my school am i at fault

How to get MAX value using SOQL when there are more than 50,000 rows

How is Arya still alive?

Row vectors and column vectors (Mathematica vs Matlab)

What's the "magic similar to the Knock spell" referenced in the Dungeon of the Mad Mage adventure?



Generating 10-character passwords, with 3-6 digits and 3-6 uppercase letters, in C++


Generating Passwords with a Secure PRNGGenerating character permutationsAdd spaces before uppercase lettersApp for generating passwordsGenerating simple and complex passwordsGenerating XKCD passwordsAlternate letters to UpperCaseGenerating a very long random string of lettersConvert uppercase characters to lowercase and insert a space where each uppercase character used to beCounting lowercase and uppercase letters in a string in Python






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








3












$begingroup$


In response to a question on Information Security on brute-forcing passwords, I wrote code that helped solve the problem:




Generate a password list of 10 character passwords containing only a combination of 3 - 6 numbers and 3 - 6 uppercase letters.




I'd like a code review done of the snippet I wrote. I don't know really anything about optimizing software. I can write it (self-taught) but I don't have the deep insights needed to improve already working software, so I've started posting code snippets in here for you guys to give me insights. I really think this channel is great and without further ado, I'll get to it.



#include <iostream>
#include <vector>
#include <random>
#include <string>

const char charset[] = 'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z','0','1','2','3','4','5','6','7','8','8','9';
int main()


std::cout << "Please enter the number of passwords to generate here: ";
int num_pass;
std::cin >> num_pass;
std::random_device dev;
std::mt19937_64 rng(dev());
std::vector<std::string> passwds;
std::uniform_int_distribution<std::mt19937_64::result_type> dist(0, sizeof(charset) - 1);

for (int i = 0; i < num_pass; ++i)
std::string pass = "";
int num_nums = 0, num_chars = 0;
while (pass.length() < 10)
char c = charset[dist(rng)];
if (isdigit(c) && num_nums < 6)
pass += c;
num_nums++;

else if (isalpha(c) && num_chars < 6)
pass += c;
num_chars++;


passwds.push_back(pass);
std::cout << pass << std::endl;

std::cin.get();

```









share|improve this question









New contributor



leaustinwile is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






$endgroup$











  • $begingroup$
    Is this better?
    $endgroup$
    – leaustinwile
    9 hours ago










  • $begingroup$
    If you have a 10 character password, with 3 digits, and at most 6 uppercase letters, what is the 10th character? Or with 3 uppercase letters and at most 6 digits, what is the 10th character?
    $endgroup$
    – AJNeufeld
    6 hours ago










  • $begingroup$
    I saw that discrepancy. I believe the OP meant 4 to 6 not 3 to 6 letters/digits. So it just uses 4-6 random digits. Which means it either has 4 letters and 6 digits or 6 digits and 4 letters.
    $endgroup$
    – leaustinwile
    6 hours ago






  • 1




    $begingroup$
    You shouldn't edit the code in the question after you have received an answer. See this help topic.
    $endgroup$
    – 1201ProgramAlarm
    2 hours ago

















3












$begingroup$


In response to a question on Information Security on brute-forcing passwords, I wrote code that helped solve the problem:




Generate a password list of 10 character passwords containing only a combination of 3 - 6 numbers and 3 - 6 uppercase letters.




I'd like a code review done of the snippet I wrote. I don't know really anything about optimizing software. I can write it (self-taught) but I don't have the deep insights needed to improve already working software, so I've started posting code snippets in here for you guys to give me insights. I really think this channel is great and without further ado, I'll get to it.



#include <iostream>
#include <vector>
#include <random>
#include <string>

const char charset[] = 'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z','0','1','2','3','4','5','6','7','8','8','9';
int main()


std::cout << "Please enter the number of passwords to generate here: ";
int num_pass;
std::cin >> num_pass;
std::random_device dev;
std::mt19937_64 rng(dev());
std::vector<std::string> passwds;
std::uniform_int_distribution<std::mt19937_64::result_type> dist(0, sizeof(charset) - 1);

for (int i = 0; i < num_pass; ++i)
std::string pass = "";
int num_nums = 0, num_chars = 0;
while (pass.length() < 10)
char c = charset[dist(rng)];
if (isdigit(c) && num_nums < 6)
pass += c;
num_nums++;

else if (isalpha(c) && num_chars < 6)
pass += c;
num_chars++;


passwds.push_back(pass);
std::cout << pass << std::endl;

std::cin.get();

```









share|improve this question









New contributor



leaustinwile is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






$endgroup$











  • $begingroup$
    Is this better?
    $endgroup$
    – leaustinwile
    9 hours ago










  • $begingroup$
    If you have a 10 character password, with 3 digits, and at most 6 uppercase letters, what is the 10th character? Or with 3 uppercase letters and at most 6 digits, what is the 10th character?
    $endgroup$
    – AJNeufeld
    6 hours ago










  • $begingroup$
    I saw that discrepancy. I believe the OP meant 4 to 6 not 3 to 6 letters/digits. So it just uses 4-6 random digits. Which means it either has 4 letters and 6 digits or 6 digits and 4 letters.
    $endgroup$
    – leaustinwile
    6 hours ago






  • 1




    $begingroup$
    You shouldn't edit the code in the question after you have received an answer. See this help topic.
    $endgroup$
    – 1201ProgramAlarm
    2 hours ago













3












3








3





$begingroup$


In response to a question on Information Security on brute-forcing passwords, I wrote code that helped solve the problem:




Generate a password list of 10 character passwords containing only a combination of 3 - 6 numbers and 3 - 6 uppercase letters.




I'd like a code review done of the snippet I wrote. I don't know really anything about optimizing software. I can write it (self-taught) but I don't have the deep insights needed to improve already working software, so I've started posting code snippets in here for you guys to give me insights. I really think this channel is great and without further ado, I'll get to it.



#include <iostream>
#include <vector>
#include <random>
#include <string>

const char charset[] = 'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z','0','1','2','3','4','5','6','7','8','8','9';
int main()


std::cout << "Please enter the number of passwords to generate here: ";
int num_pass;
std::cin >> num_pass;
std::random_device dev;
std::mt19937_64 rng(dev());
std::vector<std::string> passwds;
std::uniform_int_distribution<std::mt19937_64::result_type> dist(0, sizeof(charset) - 1);

for (int i = 0; i < num_pass; ++i)
std::string pass = "";
int num_nums = 0, num_chars = 0;
while (pass.length() < 10)
char c = charset[dist(rng)];
if (isdigit(c) && num_nums < 6)
pass += c;
num_nums++;

else if (isalpha(c) && num_chars < 6)
pass += c;
num_chars++;


passwds.push_back(pass);
std::cout << pass << std::endl;

std::cin.get();

```









share|improve this question









New contributor



leaustinwile is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






$endgroup$




In response to a question on Information Security on brute-forcing passwords, I wrote code that helped solve the problem:




Generate a password list of 10 character passwords containing only a combination of 3 - 6 numbers and 3 - 6 uppercase letters.




I'd like a code review done of the snippet I wrote. I don't know really anything about optimizing software. I can write it (self-taught) but I don't have the deep insights needed to improve already working software, so I've started posting code snippets in here for you guys to give me insights. I really think this channel is great and without further ado, I'll get to it.



#include <iostream>
#include <vector>
#include <random>
#include <string>

const char charset[] = 'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z','0','1','2','3','4','5','6','7','8','8','9';
int main()


std::cout << "Please enter the number of passwords to generate here: ";
int num_pass;
std::cin >> num_pass;
std::random_device dev;
std::mt19937_64 rng(dev());
std::vector<std::string> passwds;
std::uniform_int_distribution<std::mt19937_64::result_type> dist(0, sizeof(charset) - 1);

for (int i = 0; i < num_pass; ++i)
std::string pass = "";
int num_nums = 0, num_chars = 0;
while (pass.length() < 10)
char c = charset[dist(rng)];
if (isdigit(c) && num_nums < 6)
pass += c;
num_nums++;

else if (isalpha(c) && num_chars < 6)
pass += c;
num_chars++;


passwds.push_back(pass);
std::cout << pass << std::endl;

std::cin.get();

```






c++ performance beginner strings random






share|improve this question









New contributor



leaustinwile is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.










share|improve this question









New contributor



leaustinwile is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.








share|improve this question




share|improve this question








edited 1 hour ago









200_success

132k20159425




132k20159425






New contributor



leaustinwile is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.








asked 9 hours ago









leaustinwileleaustinwile

917




917




New contributor



leaustinwile is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




New contributor




leaustinwile is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.













  • $begingroup$
    Is this better?
    $endgroup$
    – leaustinwile
    9 hours ago










  • $begingroup$
    If you have a 10 character password, with 3 digits, and at most 6 uppercase letters, what is the 10th character? Or with 3 uppercase letters and at most 6 digits, what is the 10th character?
    $endgroup$
    – AJNeufeld
    6 hours ago










  • $begingroup$
    I saw that discrepancy. I believe the OP meant 4 to 6 not 3 to 6 letters/digits. So it just uses 4-6 random digits. Which means it either has 4 letters and 6 digits or 6 digits and 4 letters.
    $endgroup$
    – leaustinwile
    6 hours ago






  • 1




    $begingroup$
    You shouldn't edit the code in the question after you have received an answer. See this help topic.
    $endgroup$
    – 1201ProgramAlarm
    2 hours ago
















  • $begingroup$
    Is this better?
    $endgroup$
    – leaustinwile
    9 hours ago










  • $begingroup$
    If you have a 10 character password, with 3 digits, and at most 6 uppercase letters, what is the 10th character? Or with 3 uppercase letters and at most 6 digits, what is the 10th character?
    $endgroup$
    – AJNeufeld
    6 hours ago










  • $begingroup$
    I saw that discrepancy. I believe the OP meant 4 to 6 not 3 to 6 letters/digits. So it just uses 4-6 random digits. Which means it either has 4 letters and 6 digits or 6 digits and 4 letters.
    $endgroup$
    – leaustinwile
    6 hours ago






  • 1




    $begingroup$
    You shouldn't edit the code in the question after you have received an answer. See this help topic.
    $endgroup$
    – 1201ProgramAlarm
    2 hours ago















$begingroup$
Is this better?
$endgroup$
– leaustinwile
9 hours ago




$begingroup$
Is this better?
$endgroup$
– leaustinwile
9 hours ago












$begingroup$
If you have a 10 character password, with 3 digits, and at most 6 uppercase letters, what is the 10th character? Or with 3 uppercase letters and at most 6 digits, what is the 10th character?
$endgroup$
– AJNeufeld
6 hours ago




$begingroup$
If you have a 10 character password, with 3 digits, and at most 6 uppercase letters, what is the 10th character? Or with 3 uppercase letters and at most 6 digits, what is the 10th character?
$endgroup$
– AJNeufeld
6 hours ago












$begingroup$
I saw that discrepancy. I believe the OP meant 4 to 6 not 3 to 6 letters/digits. So it just uses 4-6 random digits. Which means it either has 4 letters and 6 digits or 6 digits and 4 letters.
$endgroup$
– leaustinwile
6 hours ago




$begingroup$
I saw that discrepancy. I believe the OP meant 4 to 6 not 3 to 6 letters/digits. So it just uses 4-6 random digits. Which means it either has 4 letters and 6 digits or 6 digits and 4 letters.
$endgroup$
– leaustinwile
6 hours ago




1




1




$begingroup$
You shouldn't edit the code in the question after you have received an answer. See this help topic.
$endgroup$
– 1201ProgramAlarm
2 hours ago




$begingroup$
You shouldn't edit the code in the question after you have received an answer. See this help topic.
$endgroup$
– 1201ProgramAlarm
2 hours ago










2 Answers
2






active

oldest

votes


















3












$begingroup$

Your passwords will be biased, with more letters appearing towards the front of the password and more digits towards the end.



A better approach would be to determine how many digits you will have in the password. Then, for each character, determine if it should be a digit based on the number of digits you want to have and the number of characters left to fill by checking if (random(characters_left) < digits_left). Then select either a random digit or letter for that position.



When you declare pass, you don't need to pass it an empty string. It is default constructed as empty.



std::string pass;





share|improve this answer









$endgroup$












  • $begingroup$
    Can you tell me why it would be biased? It's easily solved with one line.
    $endgroup$
    – leaustinwile
    5 hours ago






  • 1




    $begingroup$
    @leaustinwile 26 times out of 36, the first character will be a letter (since you have 26 letters and 10 digits). Since this continues for the remaining characters, you'll run thru letters faster than digits, resulting in more digits at the end.
    $endgroup$
    – 1201ProgramAlarm
    5 hours ago










  • $begingroup$
    Review the code again, I've solved this problem and fixed the "" declaration of the string. (Old java habits).
    $endgroup$
    – leaustinwile
    5 hours ago










  • $begingroup$
    sorry for fuzzing your points. having read the previous question, i understand that some of what's going on is a design requirement for whatever reason.
    $endgroup$
    – ShapeOfMatter
    5 hours ago


















3












$begingroup$

In general, placing constraints on your passwords, such as that they have x-many numerals and y-many letters, makes your password generation scheme slightly worse; there's no advantage.

But sometimes we're required to do silly things.



In this situation, it looks like the requirement is to have at least four of each, but that could change, as could the desired length of the password. So if this is going to be a reusable tool, it sounds like it should take at least 4 parameters, three of them optional:



  • password_length

  • max_alpha - default password_length

  • max_num - default password_length

  • quantity - default 0

This will give you useful and appropriate behavior by default. The other convenient thing is that you can exclude a character class altogether by setting the max_x to 0.

Do remember to check that the input values are reasonable (non-negative or whatever).



I think the problem 1201ProgramAlarm points out is real, but his proposed solution is a little vague (and sounds hard to maintain), and the edit you made to solve the problem doesn't look like it addresses it at all.



Here's what I would do, both for the above reason and for maintainability:



  • Define each character class as a separate vector. (Should upper-case and lower-case be their own classes? this could get complicated fast.)

  • Define a vector containing the union of the character classes.

  • Calculate how many don't-care characters there will be, such that max_alpha + max_num (+ etc) + dont_care == password_length.

  • For each of the target character quantities, select that many characters (uniformly at random with replacement) from the respective class (vector). You could probably be pushing all of these to a single string/buffer as you go.

  • Shuffle the string.

Also, because this is Code Review:



  • You're building a list passwds, but you're not using it.

  • Taking arguments from stdin isn't as user-friendly as taking them as arguments to main(), in my opinion.

  • The whole business of removing duplicates from the list seems fishy to me, but I guess it's better to do it in a separate step than to bake it into your password generator.

  • Is the business with the clock purely diagnostic?

  • Similarly, the part at the end where you hold for the user to hit enter seems un-friendly to me, but I guess I don't know your use-case.

  • If you do implement my advice above, then you're almost certainly going to want to break this up into a couple different functions.





share|improve this answer








New contributor



ShapeOfMatter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





$endgroup$












  • $begingroup$
    So I hear all your points, but you have to remember, this wasn't programmed for maximum efiiciency. It was just written as a PoC for another question in a different channel. I just thought I'd post it in here to learn. The business with the clock is purely diagnostic. That was simply in there for my purposes, to see when it ended during debug, if the strings generated were in fact non-uniform. I agree about the stdin vs. argv point too, again, it was just created in VS as a PoC for someone else's problem. Good points, but shuffling the array and then again picking a random index
    $endgroup$
    – leaustinwile
    1 hour ago












Your Answer






StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "196"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);






leaustinwile is a new contributor. Be nice, and check out our Code of Conduct.









draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcodereview.stackexchange.com%2fquestions%2f219954%2fgenerating-10-character-passwords-with-3-6-digits-and-3-6-uppercase-letters-in%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























2 Answers
2






active

oldest

votes








2 Answers
2






active

oldest

votes









active

oldest

votes






active

oldest

votes









3












$begingroup$

Your passwords will be biased, with more letters appearing towards the front of the password and more digits towards the end.



A better approach would be to determine how many digits you will have in the password. Then, for each character, determine if it should be a digit based on the number of digits you want to have and the number of characters left to fill by checking if (random(characters_left) < digits_left). Then select either a random digit or letter for that position.



When you declare pass, you don't need to pass it an empty string. It is default constructed as empty.



std::string pass;





share|improve this answer









$endgroup$












  • $begingroup$
    Can you tell me why it would be biased? It's easily solved with one line.
    $endgroup$
    – leaustinwile
    5 hours ago






  • 1




    $begingroup$
    @leaustinwile 26 times out of 36, the first character will be a letter (since you have 26 letters and 10 digits). Since this continues for the remaining characters, you'll run thru letters faster than digits, resulting in more digits at the end.
    $endgroup$
    – 1201ProgramAlarm
    5 hours ago










  • $begingroup$
    Review the code again, I've solved this problem and fixed the "" declaration of the string. (Old java habits).
    $endgroup$
    – leaustinwile
    5 hours ago










  • $begingroup$
    sorry for fuzzing your points. having read the previous question, i understand that some of what's going on is a design requirement for whatever reason.
    $endgroup$
    – ShapeOfMatter
    5 hours ago















3












$begingroup$

Your passwords will be biased, with more letters appearing towards the front of the password and more digits towards the end.



A better approach would be to determine how many digits you will have in the password. Then, for each character, determine if it should be a digit based on the number of digits you want to have and the number of characters left to fill by checking if (random(characters_left) < digits_left). Then select either a random digit or letter for that position.



When you declare pass, you don't need to pass it an empty string. It is default constructed as empty.



std::string pass;





share|improve this answer









$endgroup$












  • $begingroup$
    Can you tell me why it would be biased? It's easily solved with one line.
    $endgroup$
    – leaustinwile
    5 hours ago






  • 1




    $begingroup$
    @leaustinwile 26 times out of 36, the first character will be a letter (since you have 26 letters and 10 digits). Since this continues for the remaining characters, you'll run thru letters faster than digits, resulting in more digits at the end.
    $endgroup$
    – 1201ProgramAlarm
    5 hours ago










  • $begingroup$
    Review the code again, I've solved this problem and fixed the "" declaration of the string. (Old java habits).
    $endgroup$
    – leaustinwile
    5 hours ago










  • $begingroup$
    sorry for fuzzing your points. having read the previous question, i understand that some of what's going on is a design requirement for whatever reason.
    $endgroup$
    – ShapeOfMatter
    5 hours ago













3












3








3





$begingroup$

Your passwords will be biased, with more letters appearing towards the front of the password and more digits towards the end.



A better approach would be to determine how many digits you will have in the password. Then, for each character, determine if it should be a digit based on the number of digits you want to have and the number of characters left to fill by checking if (random(characters_left) < digits_left). Then select either a random digit or letter for that position.



When you declare pass, you don't need to pass it an empty string. It is default constructed as empty.



std::string pass;





share|improve this answer









$endgroup$



Your passwords will be biased, with more letters appearing towards the front of the password and more digits towards the end.



A better approach would be to determine how many digits you will have in the password. Then, for each character, determine if it should be a digit based on the number of digits you want to have and the number of characters left to fill by checking if (random(characters_left) < digits_left). Then select either a random digit or letter for that position.



When you declare pass, you don't need to pass it an empty string. It is default constructed as empty.



std::string pass;






share|improve this answer












share|improve this answer



share|improve this answer










answered 5 hours ago









1201ProgramAlarm1201ProgramAlarm

3,96821026




3,96821026











  • $begingroup$
    Can you tell me why it would be biased? It's easily solved with one line.
    $endgroup$
    – leaustinwile
    5 hours ago






  • 1




    $begingroup$
    @leaustinwile 26 times out of 36, the first character will be a letter (since you have 26 letters and 10 digits). Since this continues for the remaining characters, you'll run thru letters faster than digits, resulting in more digits at the end.
    $endgroup$
    – 1201ProgramAlarm
    5 hours ago










  • $begingroup$
    Review the code again, I've solved this problem and fixed the "" declaration of the string. (Old java habits).
    $endgroup$
    – leaustinwile
    5 hours ago










  • $begingroup$
    sorry for fuzzing your points. having read the previous question, i understand that some of what's going on is a design requirement for whatever reason.
    $endgroup$
    – ShapeOfMatter
    5 hours ago
















  • $begingroup$
    Can you tell me why it would be biased? It's easily solved with one line.
    $endgroup$
    – leaustinwile
    5 hours ago






  • 1




    $begingroup$
    @leaustinwile 26 times out of 36, the first character will be a letter (since you have 26 letters and 10 digits). Since this continues for the remaining characters, you'll run thru letters faster than digits, resulting in more digits at the end.
    $endgroup$
    – 1201ProgramAlarm
    5 hours ago










  • $begingroup$
    Review the code again, I've solved this problem and fixed the "" declaration of the string. (Old java habits).
    $endgroup$
    – leaustinwile
    5 hours ago










  • $begingroup$
    sorry for fuzzing your points. having read the previous question, i understand that some of what's going on is a design requirement for whatever reason.
    $endgroup$
    – ShapeOfMatter
    5 hours ago















$begingroup$
Can you tell me why it would be biased? It's easily solved with one line.
$endgroup$
– leaustinwile
5 hours ago




$begingroup$
Can you tell me why it would be biased? It's easily solved with one line.
$endgroup$
– leaustinwile
5 hours ago




1




1




$begingroup$
@leaustinwile 26 times out of 36, the first character will be a letter (since you have 26 letters and 10 digits). Since this continues for the remaining characters, you'll run thru letters faster than digits, resulting in more digits at the end.
$endgroup$
– 1201ProgramAlarm
5 hours ago




$begingroup$
@leaustinwile 26 times out of 36, the first character will be a letter (since you have 26 letters and 10 digits). Since this continues for the remaining characters, you'll run thru letters faster than digits, resulting in more digits at the end.
$endgroup$
– 1201ProgramAlarm
5 hours ago












$begingroup$
Review the code again, I've solved this problem and fixed the "" declaration of the string. (Old java habits).
$endgroup$
– leaustinwile
5 hours ago




$begingroup$
Review the code again, I've solved this problem and fixed the "" declaration of the string. (Old java habits).
$endgroup$
– leaustinwile
5 hours ago












$begingroup$
sorry for fuzzing your points. having read the previous question, i understand that some of what's going on is a design requirement for whatever reason.
$endgroup$
– ShapeOfMatter
5 hours ago




$begingroup$
sorry for fuzzing your points. having read the previous question, i understand that some of what's going on is a design requirement for whatever reason.
$endgroup$
– ShapeOfMatter
5 hours ago













3












$begingroup$

In general, placing constraints on your passwords, such as that they have x-many numerals and y-many letters, makes your password generation scheme slightly worse; there's no advantage.

But sometimes we're required to do silly things.



In this situation, it looks like the requirement is to have at least four of each, but that could change, as could the desired length of the password. So if this is going to be a reusable tool, it sounds like it should take at least 4 parameters, three of them optional:



  • password_length

  • max_alpha - default password_length

  • max_num - default password_length

  • quantity - default 0

This will give you useful and appropriate behavior by default. The other convenient thing is that you can exclude a character class altogether by setting the max_x to 0.

Do remember to check that the input values are reasonable (non-negative or whatever).



I think the problem 1201ProgramAlarm points out is real, but his proposed solution is a little vague (and sounds hard to maintain), and the edit you made to solve the problem doesn't look like it addresses it at all.



Here's what I would do, both for the above reason and for maintainability:



  • Define each character class as a separate vector. (Should upper-case and lower-case be their own classes? this could get complicated fast.)

  • Define a vector containing the union of the character classes.

  • Calculate how many don't-care characters there will be, such that max_alpha + max_num (+ etc) + dont_care == password_length.

  • For each of the target character quantities, select that many characters (uniformly at random with replacement) from the respective class (vector). You could probably be pushing all of these to a single string/buffer as you go.

  • Shuffle the string.

Also, because this is Code Review:



  • You're building a list passwds, but you're not using it.

  • Taking arguments from stdin isn't as user-friendly as taking them as arguments to main(), in my opinion.

  • The whole business of removing duplicates from the list seems fishy to me, but I guess it's better to do it in a separate step than to bake it into your password generator.

  • Is the business with the clock purely diagnostic?

  • Similarly, the part at the end where you hold for the user to hit enter seems un-friendly to me, but I guess I don't know your use-case.

  • If you do implement my advice above, then you're almost certainly going to want to break this up into a couple different functions.





share|improve this answer








New contributor



ShapeOfMatter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





$endgroup$












  • $begingroup$
    So I hear all your points, but you have to remember, this wasn't programmed for maximum efiiciency. It was just written as a PoC for another question in a different channel. I just thought I'd post it in here to learn. The business with the clock is purely diagnostic. That was simply in there for my purposes, to see when it ended during debug, if the strings generated were in fact non-uniform. I agree about the stdin vs. argv point too, again, it was just created in VS as a PoC for someone else's problem. Good points, but shuffling the array and then again picking a random index
    $endgroup$
    – leaustinwile
    1 hour ago
















3












$begingroup$

In general, placing constraints on your passwords, such as that they have x-many numerals and y-many letters, makes your password generation scheme slightly worse; there's no advantage.

But sometimes we're required to do silly things.



In this situation, it looks like the requirement is to have at least four of each, but that could change, as could the desired length of the password. So if this is going to be a reusable tool, it sounds like it should take at least 4 parameters, three of them optional:



  • password_length

  • max_alpha - default password_length

  • max_num - default password_length

  • quantity - default 0

This will give you useful and appropriate behavior by default. The other convenient thing is that you can exclude a character class altogether by setting the max_x to 0.

Do remember to check that the input values are reasonable (non-negative or whatever).



I think the problem 1201ProgramAlarm points out is real, but his proposed solution is a little vague (and sounds hard to maintain), and the edit you made to solve the problem doesn't look like it addresses it at all.



Here's what I would do, both for the above reason and for maintainability:



  • Define each character class as a separate vector. (Should upper-case and lower-case be their own classes? this could get complicated fast.)

  • Define a vector containing the union of the character classes.

  • Calculate how many don't-care characters there will be, such that max_alpha + max_num (+ etc) + dont_care == password_length.

  • For each of the target character quantities, select that many characters (uniformly at random with replacement) from the respective class (vector). You could probably be pushing all of these to a single string/buffer as you go.

  • Shuffle the string.

Also, because this is Code Review:



  • You're building a list passwds, but you're not using it.

  • Taking arguments from stdin isn't as user-friendly as taking them as arguments to main(), in my opinion.

  • The whole business of removing duplicates from the list seems fishy to me, but I guess it's better to do it in a separate step than to bake it into your password generator.

  • Is the business with the clock purely diagnostic?

  • Similarly, the part at the end where you hold for the user to hit enter seems un-friendly to me, but I guess I don't know your use-case.

  • If you do implement my advice above, then you're almost certainly going to want to break this up into a couple different functions.





share|improve this answer








New contributor



ShapeOfMatter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





$endgroup$












  • $begingroup$
    So I hear all your points, but you have to remember, this wasn't programmed for maximum efiiciency. It was just written as a PoC for another question in a different channel. I just thought I'd post it in here to learn. The business with the clock is purely diagnostic. That was simply in there for my purposes, to see when it ended during debug, if the strings generated were in fact non-uniform. I agree about the stdin vs. argv point too, again, it was just created in VS as a PoC for someone else's problem. Good points, but shuffling the array and then again picking a random index
    $endgroup$
    – leaustinwile
    1 hour ago














3












3








3





$begingroup$

In general, placing constraints on your passwords, such as that they have x-many numerals and y-many letters, makes your password generation scheme slightly worse; there's no advantage.

But sometimes we're required to do silly things.



In this situation, it looks like the requirement is to have at least four of each, but that could change, as could the desired length of the password. So if this is going to be a reusable tool, it sounds like it should take at least 4 parameters, three of them optional:



  • password_length

  • max_alpha - default password_length

  • max_num - default password_length

  • quantity - default 0

This will give you useful and appropriate behavior by default. The other convenient thing is that you can exclude a character class altogether by setting the max_x to 0.

Do remember to check that the input values are reasonable (non-negative or whatever).



I think the problem 1201ProgramAlarm points out is real, but his proposed solution is a little vague (and sounds hard to maintain), and the edit you made to solve the problem doesn't look like it addresses it at all.



Here's what I would do, both for the above reason and for maintainability:



  • Define each character class as a separate vector. (Should upper-case and lower-case be their own classes? this could get complicated fast.)

  • Define a vector containing the union of the character classes.

  • Calculate how many don't-care characters there will be, such that max_alpha + max_num (+ etc) + dont_care == password_length.

  • For each of the target character quantities, select that many characters (uniformly at random with replacement) from the respective class (vector). You could probably be pushing all of these to a single string/buffer as you go.

  • Shuffle the string.

Also, because this is Code Review:



  • You're building a list passwds, but you're not using it.

  • Taking arguments from stdin isn't as user-friendly as taking them as arguments to main(), in my opinion.

  • The whole business of removing duplicates from the list seems fishy to me, but I guess it's better to do it in a separate step than to bake it into your password generator.

  • Is the business with the clock purely diagnostic?

  • Similarly, the part at the end where you hold for the user to hit enter seems un-friendly to me, but I guess I don't know your use-case.

  • If you do implement my advice above, then you're almost certainly going to want to break this up into a couple different functions.





share|improve this answer








New contributor



ShapeOfMatter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





$endgroup$



In general, placing constraints on your passwords, such as that they have x-many numerals and y-many letters, makes your password generation scheme slightly worse; there's no advantage.

But sometimes we're required to do silly things.



In this situation, it looks like the requirement is to have at least four of each, but that could change, as could the desired length of the password. So if this is going to be a reusable tool, it sounds like it should take at least 4 parameters, three of them optional:



  • password_length

  • max_alpha - default password_length

  • max_num - default password_length

  • quantity - default 0

This will give you useful and appropriate behavior by default. The other convenient thing is that you can exclude a character class altogether by setting the max_x to 0.

Do remember to check that the input values are reasonable (non-negative or whatever).



I think the problem 1201ProgramAlarm points out is real, but his proposed solution is a little vague (and sounds hard to maintain), and the edit you made to solve the problem doesn't look like it addresses it at all.



Here's what I would do, both for the above reason and for maintainability:



  • Define each character class as a separate vector. (Should upper-case and lower-case be their own classes? this could get complicated fast.)

  • Define a vector containing the union of the character classes.

  • Calculate how many don't-care characters there will be, such that max_alpha + max_num (+ etc) + dont_care == password_length.

  • For each of the target character quantities, select that many characters (uniformly at random with replacement) from the respective class (vector). You could probably be pushing all of these to a single string/buffer as you go.

  • Shuffle the string.

Also, because this is Code Review:



  • You're building a list passwds, but you're not using it.

  • Taking arguments from stdin isn't as user-friendly as taking them as arguments to main(), in my opinion.

  • The whole business of removing duplicates from the list seems fishy to me, but I guess it's better to do it in a separate step than to bake it into your password generator.

  • Is the business with the clock purely diagnostic?

  • Similarly, the part at the end where you hold for the user to hit enter seems un-friendly to me, but I guess I don't know your use-case.

  • If you do implement my advice above, then you're almost certainly going to want to break this up into a couple different functions.






share|improve this answer








New contributor



ShapeOfMatter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.








share|improve this answer



share|improve this answer






New contributor



ShapeOfMatter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.








answered 4 hours ago









ShapeOfMatterShapeOfMatter

1816




1816




New contributor



ShapeOfMatter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




New contributor




ShapeOfMatter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.













  • $begingroup$
    So I hear all your points, but you have to remember, this wasn't programmed for maximum efiiciency. It was just written as a PoC for another question in a different channel. I just thought I'd post it in here to learn. The business with the clock is purely diagnostic. That was simply in there for my purposes, to see when it ended during debug, if the strings generated were in fact non-uniform. I agree about the stdin vs. argv point too, again, it was just created in VS as a PoC for someone else's problem. Good points, but shuffling the array and then again picking a random index
    $endgroup$
    – leaustinwile
    1 hour ago

















  • $begingroup$
    So I hear all your points, but you have to remember, this wasn't programmed for maximum efiiciency. It was just written as a PoC for another question in a different channel. I just thought I'd post it in here to learn. The business with the clock is purely diagnostic. That was simply in there for my purposes, to see when it ended during debug, if the strings generated were in fact non-uniform. I agree about the stdin vs. argv point too, again, it was just created in VS as a PoC for someone else's problem. Good points, but shuffling the array and then again picking a random index
    $endgroup$
    – leaustinwile
    1 hour ago
















$begingroup$
So I hear all your points, but you have to remember, this wasn't programmed for maximum efiiciency. It was just written as a PoC for another question in a different channel. I just thought I'd post it in here to learn. The business with the clock is purely diagnostic. That was simply in there for my purposes, to see when it ended during debug, if the strings generated were in fact non-uniform. I agree about the stdin vs. argv point too, again, it was just created in VS as a PoC for someone else's problem. Good points, but shuffling the array and then again picking a random index
$endgroup$
– leaustinwile
1 hour ago





$begingroup$
So I hear all your points, but you have to remember, this wasn't programmed for maximum efiiciency. It was just written as a PoC for another question in a different channel. I just thought I'd post it in here to learn. The business with the clock is purely diagnostic. That was simply in there for my purposes, to see when it ended during debug, if the strings generated were in fact non-uniform. I agree about the stdin vs. argv point too, again, it was just created in VS as a PoC for someone else's problem. Good points, but shuffling the array and then again picking a random index
$endgroup$
– leaustinwile
1 hour ago











leaustinwile is a new contributor. Be nice, and check out our Code of Conduct.









draft saved

draft discarded


















leaustinwile is a new contributor. Be nice, and check out our Code of Conduct.












leaustinwile is a new contributor. Be nice, and check out our Code of Conduct.











leaustinwile is a new contributor. Be nice, and check out our Code of Conduct.














Thanks for contributing an answer to Code Review Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

Use MathJax to format equations. MathJax reference.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcodereview.stackexchange.com%2fquestions%2f219954%2fgenerating-10-character-passwords-with-3-6-digits-and-3-6-uppercase-letters-in%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

Canceling a color specificationRandomly assigning color to Graphics3D objects?Default color for Filling in Mathematica 9Coloring specific elements of sets with a prime modified order in an array plotHow to pick a color differing significantly from the colors already in a given color list?Detection of the text colorColor numbers based on their valueCan color schemes for use with ColorData include opacity specification?My dynamic color schemes

Invision Community Contents History See also References External links Navigation menuProprietaryinvisioncommunity.comIPS Community ForumsIPS Community Forumsthis blog entry"License Changes, IP.Board 3.4, and the Future""Interview -- Matt Mecham of Ibforums""CEO Invision Power Board, Matt Mecham Is a Liar, Thief!"IPB License Explanation 1.3, 1.3.1, 2.0, and 2.1ArchivedSecurity Fixes, Updates And Enhancements For IPB 1.3.1Archived"New Demo Accounts - Invision Power Services"the original"New Default Skin"the original"Invision Power Board 3.0.0 and Applications Released"the original"Archived copy"the original"Perpetual licenses being done away with""Release Notes - Invision Power Services""Introducing: IPS Community Suite 4!"Invision Community Release Notes

199年 目錄 大件事 到箇年出世嗰人 到箇年死嗰人 節慶、風俗習慣 導覽選單