The first argument of a function is a number of syllables in a password (not recommended to use less than 2), the second argument is a prefix flag(whether to add prefix or not).
Example usage
<!-- don't forget to paste code of ae_gen_password function
(see above) here -->
<html><head><title>Memorizable password generator</title></head>
<body>
<h1>Memorizable password generator</h2>
(press 'Refresh' to generate more)
<h2>2 syllables, no prefix</h2>
<ul>
<?php for($i=0; $i<10; $i++)
echo "<li>".ae_gen_password(2, false)."</li>";?></ul>
<h2>2 syllables, prefix</h2>
<ul>
<?php for($i=0; $i<10; $i++)
echo "<li>".ae_gen_password(2, true)."</li>";?></ul>
<h2>3 syllables, no prefix</h2>
<ul>
<?php for($i=0; $i<10; $i++)
echo "<li>".ae_gen_password(3, false)."</li>";?></ul>
<h2>3 syllables, prefix</h2>
<ul>
<?php for($i=0; $i<10; $i++)
echo "<li>".ae_gen_password(3, true)."</li>";?></ul>
</body>
</html>
| warning |  |
Crypto-analytic who knows password generation algorithm(and the set of prefixes/suffixes) may perform successful brute-force attack (trying all possible passwords). However 3-syllable passwords(without prefix) are nearly as difficult to guess as 6-digit hexadecimal(string 0-F) password, which is suitable for non-critical applications.
Consider changing(adding more) arrays of prefixes/suffixes if you plan to use ae_gen_password function seriously
| tested | |
FreeBSD 5.2 :: PHP 5.1.4
Ubuntu Linux 6.2 :: PHP 5.2
No comments:
Post a Comment