Skip to content
Snippets Groups Projects
Commit 987c8d26 authored by Andreas Gohr's avatar Andreas Gohr
Browse files

Increased strength of auto generated passwords a bit 

If you want better random initialization and more control over the
password strength install the passpolicy plugin.
parent d628dcf3
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 15 additions and 14 deletions
inc/auth.php
+ 15
14
View file @ 987c8d26
...@@ -681,14 +681,14 @@ function auth_nameencode($name, $skip_group = false) { ...@@ -681,14 +681,14 @@ function auth_nameencode($name, $skip_group = false) {
* The $foruser variable might be used by plugins to run additional password * The $foruser variable might be used by plugins to run additional password
* policy checks, but is not used by the default implementation * policy checks, but is not used by the default implementation
* *
* @author Andreas Gohr <andi@splitbrain.org> * @author Andreas Gohr <andi@splitbrain.org>
* @link http://www.phpbuilder.com/annotate/message.php3?id=1014451 * @link http://www.phpbuilder.com/annotate/message.php3?id=1014451
* @triggers AUTH_PASSWORD_GENERATE * @triggers AUTH_PASSWORD_GENERATE
* *
* @param string $foruser username for which the password is generated * @param string $foruser username for which the password is generated
* @return string pronouncable password * @return string pronouncable password
*/ */
function auth_pwgen($foruser='') { function auth_pwgen($foruser = '') {
$data = array( $data = array(
'password' => '', 'password' => '',
'foruser' => $foruser 'foruser' => $foruser
...@@ -696,18 +696,19 @@ function auth_pwgen($foruser='') { ...@@ -696,18 +696,19 @@ function auth_pwgen($foruser='') {
$evt = new Doku_Event('AUTH_PASSWORD_GENERATE', $data); $evt = new Doku_Event('AUTH_PASSWORD_GENERATE', $data);
if($evt->advise_before(true)) { if($evt->advise_before(true)) {
$c = 'bcdfghjklmnprstvwz'; //consonants except hard to speak ones $c = 'bcdfghjklmnprstvwz'; //consonants except hard to speak ones
$v = 'aeiou'; //vowels $v = 'aeiou'; //vowels
$a = $c.$v; //both $a = $c.$v; //both
$s = '!$%&?+*~#-_:.;,'; // specials
//use two syllables...
for($i = 0; $i < 2; $i++) { //use thre syllables...
$data['password'] .= $c[rand(0, strlen($c) - 1)]; for($i = 0; $i < 3; $i++) {
$data['password'] .= $v[rand(0, strlen($v) - 1)]; $data['password'] .= $c[mt_rand(0, strlen($c) - 1)];
$data['password'] .= $a[rand(0, strlen($a) - 1)]; $data['password'] .= $v[mt_rand(0, strlen($v) - 1)];
$data['password'] .= $a[mt_rand(0, strlen($a) - 1)];
} }
//... and add a nice number //... and add a nice number and special
$data['password'] .= rand(10, 99); $data['password'] .= mt_rand(10, 99).$s[mt_rand(0, strlen($s) - 1)];
} }
$evt->advise_after(); $evt->advise_after();
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment