Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>While I'm not sure setting a default password is a desirable action (people often don't know how to change it and then forget it) if I were doing this, I would get a load of wordlists in various languages and pick perhaps two random words, concatenate and use that as the password.</p> <p>Means you'll have to do some leg work to find the wordlists but it should be a fairly simple process once you've got them.</p> <p>Edit: If you're just making random strings, it gets a lot simpler: you just store a file of available characters for each language. Open the right one when you come to generate and then pick random letters. Bish bash bosh. Done.</p> <p>Edit 2: As Marcelo correctly commented, you could run into the problem of generating some obscene password for the user. It might be worth also keeping localised blacklisted strings to check your password for. If any of the strings appear in the password (just in it, not the whole thing), generate a different password. This does mean you'll never generate an innocent enough password like <code>scunthorpe</code> but it also means you won't get things like <code>assclown</code> slipping through either.</p> <p>As you may have gathered, this is starting to look like a lot of work:</p> <ul> <li>Get all the valid characters for every language you plan to support</li> <li>Get all the obscene words for every language you plan to support</li> <li>Generate a password based on the letters</li> <li>Check none of them contain a swear word</li> <li>Remember that some obscene words are adopted by other languages but might not feature on language-specific blacklists so keep an international black-list too.</li> </ul> <p>You might find that setting a pass-<em>phrase</em> using known clean words from each language (per my original answer) works better.</p> <p>If all that looks too stressful, you might be better off re-adjudicating the reason for setting a random password in the first place. If it's an email-verification device, there are other, easier methods to use. Eg: sending a unique link to be clicked</p> <hr> <p><strong>Edit:</strong> Would numbers be okay? They're a <strong><em>lot</em></strong> safer, don't need combing, are international and can be long enough to be unique, they're just rarely memorable. If they're one-off copy-and-paste jobs, they should do you fine.</p> <p>If you need them to be short but highly unique (and need lots) perhaps mixing numbers with letters in predictable patterns like (<code>a</code> = letter, <code>n</code> = number) <code>annn-annn</code> gives 676,000,000 combinations. Even simple things like <code>annn</code> give enough to not be guessed (26000 combos) if they don't need to be unique... If these <em>are</em> passwords, there's nothing wrong with two being the same.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload