This is a fork of http://code.google.com/p/pwgen-php, a tool to generate pronounceable, easy-to-remember, yet safe, passwords (a PHP port of GNU pwgen)
The pwgen class generates passwords which are designed to be easily memorized by humans, while being as secure as possible. Human-memorable passwords are never going to be as secure as completely random passwords. In particular, passwords generated by pwgen without the secure-option should not be used in places where the password could be attacked via a brute-force attack. On the other hand, completely randomly generated passwords have a tendency to be written down, and are subject to being compromised in that fashion.
{
"require": {
"tidigraphics/pwgen-php": "~1.0"
}
}
Generating a password is as simple as creating a new PasswordGenerator object and invoking the generate() function on it:
use PWGen\PasswordGenerator;
$pwgen = new PasswordGenerator();
$password = $pwgen->generate();
echo $password;
or
use PWGen\PasswordGenerator;
echo PasswordGenerator::create()->generate();
The output could be Theik0Sa, for example.
If you want to generate several passwords, it's wise in terms of performance and memory consumption, to use an existing $pwgen object multiple times. Every time you invoke the generate() function, a new password is generated.
$pwgen = new PasswordGenerator();
for ($i=0; $i < 1000000; $i++) {
$password = $pwgen->generate();
echo $password;
}
You can use the following options on the constructior
Default: 8
Length of the generated password.
Default: false
Generate completely random, hard-to-memorize passwords. These should only be used for machine passwords, since otherwise it's almost guaranteed that users will simply write the password on a piece of paper taped to the monitor...
Default: true
Include at least one number in the password.
Default: true
Include at least one capital letter in the password. This is the default.
Default: false
Don't use characters that could be confused by the user when printed, such as 'l' and '1', or '0' or 'O'. This reduces the number of possible passwords significantly, and as such reduces the quality of the passwords. It may be useful for users who have bad vision, but in general use of this option is not recommended.
Default: false
Generate random passwords that do not contain vowels or numbers that might be mistaken for vowels. It provides less secure passwords to allow system administrators to not have to worry with random passwords accidentally contain offensive substrings.
Default: false
Include at least one special character in the password.
This library uses the new cryptoraphically secure random number generators which are new to php7 it uses paragonie/random_compat as a polyfill for older php versions
In fact, you should not. pwgen-php is open source. I would be happy if you took a look at the source code and report issues or improvements.
This library requires php 5.3 or up
pwgen-php may be distributed under the terms of the GPL License.
Copyright © 2009 by Superwayne superwayne@superwayne.org (PHP port) Copyright © 2009 by Superwayne superwayne@superwayne.org (PHP port) Copyright © 2001, 2002 by Theodore Ts'o tytso@alum.mit.edu (C version)