Avantajul folosirii parolelor generate aleatoriu este ca sunt greu, poate imposbil, de spart de catre un script malitios sau ghicite de catre cineva. Asadar, atata timp cat folositi parole generate aleatoriu sunteti protejati de atacuri prin forta bruta (brute force attacks), atacuri cu dictionarul (dictionary attacks), inginerie sociala.

Cu toate acestea, exista si un dezavantaj: parolele generate aleatoriu sunt greu de retinut. Din acest motiv, trebuie sa invatam sa ne alegem propriile parole. O parola trebuie sa fie usor de retinut in minte dar indeajuns de puternica cat sa nu fie sparta sau ghicita. In acest sens va voi arata o metoda care va permite sa obtineti acest lucru. Trebui sa alegem un cuvant familiar noua si sa-l scriem folosind un alfabet special. Pentru o intelegere mai buna va voi prezenta un exemplu. Aleg numele meu, care este Marian, si il scriu in felul urmator: |\/|@r!@|\|. Asa cum se poate vedea am inlocuit “m” cu “|\/|”, “a” cu “@”, “i” cu “!”, “n” cu “|\|”. Privitor la celelalte litere ale alfabetului puteti inlocui:

• “b” cu “|3″ (bara verticala, cifra trei)
• “d” cu “|)” (bara verticala, paranteza deschiasa de inchidere)
• “e” cu “3″ (cifra trei)
• “h” cu “|-|” (bara verticala, minus, bara verticala)
• “k” cu “|<” (bara vertical, semnul mai mic)
• “o” cu “0″ (cifra zero)
• “u” cu “|_|” (bara verticala, underscore, bara verticala)
• “x” cu “><” (semnul mai mare, semnul mai mic)

Si ca sa nu fiu zgarcit, sa fiu cat mai open-source o sa arat si codul-sursa al aplicatiei. Poate cineva ma va ajuta sa optimizez mai mult codul.

<?php
if (isset($_POST['generate'])) {
	if (!empty($_POST['lower_case'])) {
		$lower_case = 'abcdefghijklmnopqrstuvwxyz';
	} else {
		$lower_case = NULL;
	}

	if (!empty($_POST['capitals'])) {
		$capitals = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
	} else {
		$capitals = NULL;
	}

	if (!empty($_POST['digits'])) {
		$digits = '01234567890123456789';
	} else {
		$digits = NULL;
	}

	if (!empty($_POST['special_characters'])) {
		$special_characters = '!@#$%^&*()!@#$%^&*()';
	} else {
		$special_characters = NULL;
	}

	$characters = $lower_case.$capitals.$digits.$special_characters;

	if (empty($lower_case) && empty($capitals) && empty($digits) && empty($special_characters)) {
		$error_message = "<span style=\" color:red;\">You must choose the type of characters.</span>";
	} else {
		$password = '';

		//I generate randomly the password
		for ($i = 0; $i < $_POST['number']; $i++) {
			$password .= substr($characters,rand(0,strlen($characters) - 1),1);
		}
	}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>How can I get a ramdomly generated password?</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="Content-Language" content="ro" />
<meta name="description" content="How can I get a ramdomly generated password?" />
<meta name="keywords" content="generate,password,random,ramdomly,php,javascript,script,strong,brute,force,dictionary,attack,special" />
<meta name="abstract" content="How can I get a ramdomly generated password?" />
<meta name="author" content="AccesInterzis" />
<meta name="copyright" content="AccesInterzis" />
<meta name="robots" content="index,follow" />
<meta name="revisit-after" content="7 days" />
<link href="http://www.accesinterzis.ro/myportofolio/css/reset.css" type="text/css" rel="stylesheet" media="all" />
<style type="text/css">
div#main {
	width:450px;
	margin:0 auto;

	border:0px red solid;
}

form#random_form {
	border:0px red solid;
}

form#random_form div {
	margin:0 0 1px 0;
}
form#random_form label {
	width:150px;
	float:left;
	border:0px blue solid;
}

form#random_form select {
	width:45px;
	border:1px #900;
}

form#random_form input#generate {
	width:auto;
	border:none;
	color:#efefef;
	background-color:#666;
	cursor:pointer;
}

form#random_form input#generate:hover {
	background-color:#333;
}
</style>

</head>
<body>
<!--main-->
<div id="main">
	<?php
	if (!empty($error_message)) echo $error_message;
	?>
	<!--PHP script-->
	<form action="<?php echo htmlentities(strip_tags('http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF']), ENT_QUOTES, 'utf-8'); ?>" method="post" id="random_form">
		<div>
			<label for="number">number of characters:</label>
			<select name="number" id="number">
			<?php
			$min_max = range(6,30);
			foreach ($min_max as $item) {
				if(strcmp($_POST['number'],$item) == 0) {
					echo '<option selected="selected">'.$item.'</option>'."\r\n";
				} else {
					echo '<option>'.$item.'</option>'."\r\n";
				}
			}
			?>
			</select>
		</div>

		<div>
			<label for="lower_case">lower case:</label>
			<input type="checkbox" name="lower_case" id="lower_case" <?php if (!empty($lower_case)) {echo 'checked="checked"';} ?> />
			<span style="color:#ccc">(abcdefg...)</span>
		</div>

		<div>
			<label for="capitals">capitals:</label>
			<input type="checkbox" name="capitals" id="capitals" <?php if (!empty($capitals)) {echo 'checked="checked"';} ?> />
			<span style="color:#ccc">(ABCDEFG...)</span>
		</div>

		<div>
			<label for="digits">digits:</label>
			<input type="checkbox" name="digits" id="digits" <?php if (!empty($digits)) {echo 'checked="checked"';} ?> />
			<span style="color:#ccc">(0123456...)</span>
		</div>

		<div>
			<label for="special_characters">special characters:</label>
			<input type="checkbox" name="special_characters" id="special_characters" <?php if (!empty($special_characters)) {echo 'checked="checked"';} ?> />
			<span style="color:#ccc">(!@#$%^...)</span>
		</div>

		<div style="margin:10px 0 10px 0;">
			<label><strong>password</strong>:</label>
			<?php
			if (!empty($password)) {
				echo $password;
			} else {
				echo '<span style="color:#ccc;">Your password will be generated here.</span>';
			}
			?>
		</div>

		<div>
			<label> &nbsp; </label>
			<input name="generate" type="submit" id="generate" value="generate" />
		</div>
	</form>
	<!--/PHP script-->
</div>
<!--/main-->
</body>
</html>

Publica acest articol pe Twitter

Niciun articol asemanator.