生成随机密码
当我们网站上的用户丢失密码并前往丢失密码页面时,我们需要给他一个新的临时密码。 我真的不介意这是多么随意,或者如果它匹配所有“需要”强密码规则,我想要做的就是给他们一个密码,他们可以稍后改变。
该应用程序是用C#编写的Web应用程序。 所以我正在考虑是否意味着要使用Guid的一部分的简单路线。 即
Guid.NewGuid().ToString("d").Substring(1,8)
Suggesstions? 想法?
总是有System.Web.Security.Membership.GeneratePassword(int length, int numberOfNonAlphanumericCharacters
) 。
public string CreatePassword(int length) { const string valid = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"; StringBuilder res = new StringBuilder(); Random rnd = new Random(); while (0 < length--) { res.Append(valid[rnd.Next(valid.Length)]); } return res.ToString(); }
这对于能够从所生成的密码的可用字符列表(例如仅数字,仅大写字母或仅小写字母等)中进行select具有很好的益处。
我的代码的主要目标是:
- 琴弦的分布几乎是一致的(不要在意小的偏差,只要它们很小)
- 它为每个参数集输出超过几十亿个string。 如果你的PRNG只产生20亿(31比特的熵)不同的值,那么产生一个8个字符的string(〜47比特的熵)是毫无意义的。
- 这是安全的,因为我希望人们使用这个密码或其他安全令牌。
第一个属性是通过以字母大小为模的64位值来实现的。 对于小字母(如问题中的62个字符),这会导致可以忽略的偏差。 第二个和第三个属性是通过使用RNGCryptoServiceProvider
而不是System.Random
来实现的。
using System; using System.Security.Cryptography; public static string GetRandomAlphanumericString(int length) { const string alphanumericCharacters = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "abcdefghijklmnopqrstuvwxyz" + "0123456789"; return GetRandomString(length, alphanumericCharacters); } public static string GetRandomString(int length, IEnumerable<char> characterSet) { if (length < 0) throw new ArgumentException("length must not be negative", "length"); if (length > int.MaxValue / 8) // 250 million chars ought to be enough for anybody throw new ArgumentException("length is too big", "length"); if (characterSet == null) throw new ArgumentNullException("characterSet"); var characterArray = characterSet.Distinct().ToArray(); if (characterArray.Length == 0) throw new ArgumentException("characterSet must not be empty", "characterSet"); var bytes = new byte[length * 8]; new RNGCryptoServiceProvider().GetBytes(bytes); var result = new char[length]; for (int i = 0; i < length; i++) { ulong value = BitConverter.ToUInt64(bytes, i * 8); result[i] = characterArray[value % (uint)characterArray.Length]; } return new string(result); }
(这是我的答案的副本如何在C#中生成随机的8个字符,字母数字string? )
以下是我如何生成随机令牌:
public string GenerateToken(int length) { RNGCryptoServiceProvider cryptRNG = new RNGCryptoServiceProvider(); byte[] tokenBuffer = new byte[length]; cryptRNG.GetBytes(tokenBuffer); return Convert.ToBase64String(tokenBuffer); }
注意到这个返回一个64位的string,输出长度总是4的倍数,额外的空间使用=
作为填充字符。 length
参数指定字节缓冲区的长度,而不是输出string(因此可能不是该参数的最佳名称,现在我考虑它)。 这将控制密码将有多less个字节的熵 。 但是,由于base-64使用4个字符的块来对每个3字节的input进行编码,如果要求的长度不是3的倍数,那么会有一些额外的“空间”,它将使用=
来填充额外的。
如果您不喜欢使用base-64string,可以用Convert.ToBase64String()
方法replace为常规string,也可以使用任何Encoding
方法。 例如。 Encoding.UTF8.GetString(tokenBuffer)
– 只要确保select了一个可以表示从RNG出来的全部值的字符集,并且可以生成与您发送或存储的字符兼容的字符。 例如使用Unicode,往往会给出很多中文字符。 使用base-64可以保证一个广泛兼容的字符集,只要你使用一个体面的散列algorithm,这样一个string的特性就不会使它变得不那么安全。
这是一个更大,但我认为它看起来更全面一些: http : //www.obviex.com/Samples/Password.aspx
/////////////////////////////////////////////////////////////////////////////// // SAMPLE: Generates random password, which complies with the strong password // rules and does not contain ambiguous characters. // // To run this sample, create a new Visual C# project using the Console // Application template and replace the contents of the Class1.cs file with // the code below. // // THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, // EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED // WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE. // // Copyright (C) 2004 Obviex(TM). All rights reserved. // using System; using System.Security.Cryptography; /// <summary> /// This class can generate random passwords, which do not include ambiguous /// characters, such as I, l, and 1. The generated password will be made of /// 7-bit ASCII symbols. Every four characters will include one lower case /// character, one upper case character, one number, and one special symbol /// (such as '%') in a random order. The password will always start with an /// alpha-numeric character; it will not start with a special symbol (we do /// this because some back-end systems do not like certain special /// characters in the first position). /// </summary> public class RandomPassword { // Define default min and max password lengths. private static int DEFAULT_MIN_PASSWORD_LENGTH = 8; private static int DEFAULT_MAX_PASSWORD_LENGTH = 10; // Define supported password characters divided into groups. // You can add (or remove) characters to (from) these groups. private static string PASSWORD_CHARS_LCASE = "abcdefgijkmnopqrstwxyz"; private static string PASSWORD_CHARS_UCASE = "ABCDEFGHJKLMNPQRSTWXYZ"; private static string PASSWORD_CHARS_NUMERIC= "23456789"; private static string PASSWORD_CHARS_SPECIAL= "*$-+?_&=!%{}/"; /// <summary> /// Generates a random password. /// </summary> /// <returns> /// Randomly generated password. /// </returns> /// <remarks> /// The length of the generated password will be determined at /// random. It will be no shorter than the minimum default and /// no longer than maximum default. /// </remarks> public static string Generate() { return Generate(DEFAULT_MIN_PASSWORD_LENGTH, DEFAULT_MAX_PASSWORD_LENGTH); } /// <summary> /// Generates a random password of the exact length. /// </summary> /// <param name="length"> /// Exact password length. /// </param> /// <returns> /// Randomly generated password. /// </returns> public static string Generate(int length) { return Generate(length, length); } /// <summary> /// Generates a random password. /// </summary> /// <param name="minLength"> /// Minimum password length. /// </param> /// <param name="maxLength"> /// Maximum password length. /// </param> /// <returns> /// Randomly generated password. /// </returns> /// <remarks> /// The length of the generated password will be determined at /// random and it will fall with the range determined by the /// function parameters. /// </remarks> public static string Generate(int minLength, int maxLength) { // Make sure that input parameters are valid. if (minLength <= 0 || maxLength <= 0 || minLength > maxLength) return null; // Create a local array containing supported password characters // grouped by types. You can remove character groups from this // array, but doing so will weaken the password strength. char[][] charGroups = new char[][] { PASSWORD_CHARS_LCASE.ToCharArray(), PASSWORD_CHARS_UCASE.ToCharArray(), PASSWORD_CHARS_NUMERIC.ToCharArray(), PASSWORD_CHARS_SPECIAL.ToCharArray() }; // Use this array to track the number of unused characters in each // character group. int[] charsLeftInGroup = new int[charGroups.Length]; // Initially, all characters in each group are not used. for (int i=0; i<charsLeftInGroup.Length; i++) charsLeftInGroup[i] = charGroups[i].Length; // Use this array to track (iterate through) unused character groups. int[] leftGroupsOrder = new int[charGroups.Length]; // Initially, all character groups are not used. for (int i=0; i<leftGroupsOrder.Length; i++) leftGroupsOrder[i] = i; // Because we cannot use the default randomizer, which is based on the // current time (it will produce the same "random" number within a // second), we will use a random number generator to seed the // randomizer. // Use a 4-byte array to fill it with random bytes and convert it then // to an integer value. byte[] randomBytes = new byte[4]; // Generate 4 random bytes. RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(); rng.GetBytes(randomBytes); // Convert 4 bytes into a 32-bit integer value. int seed = BitConverter.ToInt32(randomBytes, 0); // Now, this is real randomization. Random random = new Random(seed); // This array will hold password characters. char[] password = null; // Allocate appropriate memory for the password. if (minLength < maxLength) password = new char[random.Next(minLength, maxLength+1)]; else password = new char[minLength]; // Index of the next character to be added to password. int nextCharIdx; // Index of the next character group to be processed. int nextGroupIdx; // Index which will be used to track not processed character groups. int nextLeftGroupsOrderIdx; // Index of the last non-processed character in a group. int lastCharIdx; // Index of the last non-processed group. int lastLeftGroupsOrderIdx = leftGroupsOrder.Length - 1; // Generate password characters one at a time. for (int i=0; i<password.Length; i++) { // If only one character group remained unprocessed, process it; // otherwise, pick a random character group from the unprocessed // group list. To allow a special character to appear in the // first position, increment the second parameter of the Next // function call by one, ie lastLeftGroupsOrderIdx + 1. if (lastLeftGroupsOrderIdx == 0) nextLeftGroupsOrderIdx = 0; else nextLeftGroupsOrderIdx = random.Next(0, lastLeftGroupsOrderIdx); // Get the actual index of the character group, from which we will // pick the next character. nextGroupIdx = leftGroupsOrder[nextLeftGroupsOrderIdx]; // Get the index of the last unprocessed characters in this group. lastCharIdx = charsLeftInGroup[nextGroupIdx] - 1; // If only one unprocessed character is left, pick it; otherwise, // get a random character from the unused character list. if (lastCharIdx == 0) nextCharIdx = 0; else nextCharIdx = random.Next(0, lastCharIdx+1); // Add this character to the password. password[i] = charGroups[nextGroupIdx][nextCharIdx]; // If we processed the last character in this group, start over. if (lastCharIdx == 0) charsLeftInGroup[nextGroupIdx] = charGroups[nextGroupIdx].Length; // There are more unprocessed characters left. else { // Swap processed character with the last unprocessed character // so that we don't pick it until we process all characters in // this group. if (lastCharIdx != nextCharIdx) { char temp = charGroups[nextGroupIdx][lastCharIdx]; charGroups[nextGroupIdx][lastCharIdx] = charGroups[nextGroupIdx][nextCharIdx]; charGroups[nextGroupIdx][nextCharIdx] = temp; } // Decrement the number of unprocessed characters in // this group. charsLeftInGroup[nextGroupIdx]--; } // If we processed the last group, start all over. if (lastLeftGroupsOrderIdx == 0) lastLeftGroupsOrderIdx = leftGroupsOrder.Length - 1; // There are more unprocessed groups left. else { // Swap processed group with the last unprocessed group // so that we don't pick it until we process all groups. if (lastLeftGroupsOrderIdx != nextLeftGroupsOrderIdx) { int temp = leftGroupsOrder[lastLeftGroupsOrderIdx]; leftGroupsOrder[lastLeftGroupsOrderIdx] = leftGroupsOrder[nextLeftGroupsOrderIdx]; leftGroupsOrder[nextLeftGroupsOrderIdx] = temp; } // Decrement the number of unprocessed groups. lastLeftGroupsOrderIdx--; } } // Convert password characters into a string and return the result. return new string(password); } } /// <summary> /// Illustrates the use of the RandomPassword class. /// </summary> public class RandomPasswordTest { /// <summary> /// The main entry point for the application. /// </summary> [STAThread] static void Main(string[] args) { // Print 100 randomly generated passwords (8-to-10 char long). for (int i=0; i<100; i++) Console.WriteLine(RandomPassword.Generate(8, 10)); } } // // END OF FILE ///////////////////////////////////////////////////////////////////////////////
我知道这是一个古老的线索,但我有什么可能是一个相当简单的解决scheme供人使用。 易于实施,易于理解,易于validation。
考虑以下要求:
我需要一个随机的密码,至less有2个小写字母,2个大写字母和2个数字。 密码长度不得less于8个字符。
下面的正则expression式可以validation这种情况:
^(?=\b\w*[az].*[az]\w*\b)(?=\b\w*[AZ].*[AZ]\w*\b)(?=\b\w*[0-9].*[0-9]\w*\b)[a-zA-Z0-9]{8,}$
这不在这个问题的范围之内 – 但是正则expression式是基于前瞻/后视和查找的 。
下面的代码将创build一个随机的符合这个要求的字符集:
public static string GeneratePassword(int lowercase, int uppercase, int numerics) { string lowers = "abcdefghijklmnopqrstuvwxyz"; string uppers = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; string number = "0123456789"; Random random = new Random(); string generated = "!"; for (int i = 1; i <= lowercase; i++) generated = generated.Insert( random.Next(generated.Length), lowers[random.Next(lowers.Length - 1)].ToString() ); for (int i = 1; i <= uppercase; i++) generated = generated.Insert( random.Next(generated.Length), uppers[random.Next(uppers.Length - 1)].ToString() ); for (int i = 1; i <= numerics; i++) generated = generated.Insert( random.Next(generated.Length), number[random.Next(number.Length - 1)].ToString() ); return generated.Replace("!", string.Empty); }
要符合上述要求,只需拨打以下电话:
String randomPassword = GeneratePassword(3, 3, 3);
代码以一个无效的字符( "!"
)开始 – 这样string的长度可以被注入新的字符。
然后从1循环到所需的小写字符数,并在每次迭代中从小写列表中抓取一个随机项,并将其注入string中的随机位置。
然后重复大写字母和数字的循环。
这将返回长度= lowercase + uppercase + numerics
string,您希望计数的小写字母,大写字母和数字字符以随机顺序排列。
对于这种密码,我倾向于使用一个可能产生更容易“使用”的密码的系统。 简而言之,通常由可发音的片段和一些数字组成,而且没有字符间的歧义(是0还是O?A 1或I?)。 就像是
string[] words = { 'bur', 'ler', 'meh', 'ree' }; string word = ""; Random rnd = new Random(); for (i = 0; i < 3; i++) word += words[rnd.Next(words.length)] int numbCount = rnd.Next(4); for (i = 0; i < numbCount; i++) word += (2 + rnd.Next(7)).ToString(); return word;
(直接input到浏览器中,所以只能用作指导,还要加上更多的单词)。
我创build了这个使用RNGCryptoServiceProvider的类 ,它很灵活。 例:
var generator = new PasswordGenerator(minimumLengthPassword: 8, maximumLengthPassword: 15, minimumUpperCaseChars: 2, minimumNumericChars: 3, minimumSpecialChars: 2); string password = generator.Generate();
我不喜欢Membership.GeneratePassword()创build的密码,因为它们太丑,而且有太多特殊字符。
此代码会生成一个10位不太难看的密码。
string password = Guid.NewGuid().ToString("N").ToLower() .Replace("1", "").Replace("o", "").Replace("0","") .Substring(0,10);
当然,我可以使用正则expression式来完成所有的replace,但这是更易读和可维护的IMO。
我创build了类似于成员资格提供者中可用的方法。 如果您不想在某些应用程序中添加Web引用,这是有用的。
它工作很好。
public static string GeneratePassword(int Length, int NonAlphaNumericChars) { string allowedChars = "abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNOPQRSTUVWXYZ0123456789"; string allowedNonAlphaNum = "!@#$%^&*()_-+=[{]};:<>|./?"; Random rd = new Random(); if (NonAlphaNumericChars > Length || Length <= 0 || NonAlphaNumericChars < 0) throw new ArgumentOutOfRangeException(); char[] pass = new char[Length]; int[] pos = new int[Length]; int i = 0, j = 0, temp = 0; bool flag = false; //Random the position values of the pos array for the string Pass while (i < Length - 1) { j = 0; flag = false; temp = rd.Next(0, Length); for (j = 0; j < Length; j++) if (temp == pos[j]) { flag = true; j = Length; } if (!flag) { pos[i] = temp; i++; } } //Random the AlphaNumericChars for (i = 0; i < Length - NonAlphaNumericChars; i++) pass[i] = allowedChars[rd.Next(0, allowedChars.Length)]; //Random the NonAlphaNumericChars for (i = Length - NonAlphaNumericChars; i < Length; i++) pass[i] = allowedNonAlphaNum[rd.Next(0, allowedNonAlphaNum.Length)]; //Set the sorted array values by the pos array for the rigth posistion char[] sorted = new char[Length]; for (i = 0; i < Length; i++) sorted[i] = pass[pos[i]]; string Pass = new String(sorted); return Pass; }
我一直非常喜欢KeePass内置的密码生成器。 由于KeePass是一个.Net程序,并且是开源的,所以我决定在代码中挖掘一下。 我结束了刚刚提到的标准应用程序安装中提供的KeePass.exe作为参考在我的项目中,并编写下面的代码。 你可以看到KeePass的灵活性。 你可以指定长度,哪些字符包括/不包括等等…
using KeePassLib.Cryptography.PasswordGenerator; using KeePassLib.Security; public static string GeneratePassword(int passwordLength, bool lowerCase, bool upperCase, bool digits, bool punctuation, bool brackets, bool specialAscii, bool excludeLookAlike) { var ps = new ProtectedString(); var profile = new PwProfile(); profile.CharSet = new PwCharSet(); profile.CharSet.Clear(); if (lowerCase) profile.CharSet.AddCharSet('l'); if(upperCase) profile.CharSet.AddCharSet('u'); if(digits) profile.CharSet.AddCharSet('d'); if (punctuation) profile.CharSet.AddCharSet('p'); if (brackets) profile.CharSet.AddCharSet('b'); if (specialAscii) profile.CharSet.AddCharSet('s'); profile.ExcludeLookAlike = excludeLookAlike; profile.Length = (uint)passwordLength; profile.NoRepeatingCharacters = true; KeePassLib.Cryptography.PasswordGenerator.PwGenerator.Generate(out ps, profile, null, _pool); return ps.ReadString(); }
我喜欢看生成密码,就像生成软件密钥一样。 你应该从一组遵循良好实践的angular色中进行select。 拿@ Radu094回答并修改它以遵循良好的做法。 不要把每个字母都放在字符数组中。 有些信件在电话上很难说或理解。
您还应该考虑对生成的密码使用校验和,以确保它是由您生成的。 完成这个的一个好方法是使用LUHNalgorithm 。
这是我快速放在一起。
public string GeneratePassword(int len) { string res = ""; Random rnd = new Random(); while (res.Length < len) res += (new Func<Random, string>((r) => { char c = (char)((r.Next(123) * DateTime.Now.Millisecond % 123)); return (Char.IsLetterOrDigit(c)) ? c.ToString() : ""; }))(rnd); return res; }
这很短,对我来说很好。
public static string GenerateRandomCode(int length) { Random rdm = new Random(); StringBuilder sb = new StringBuilder(); for(int i = 0; i < length; i++) sb.Append(Convert.ToChar(rdm.Next(101,132))); return sb.ToString(); }
在我的网站上,我使用这种方法:
//Symb array private const string _SymbolsAll = "~`!@#$%^&*()_+=-\\|[{]}'\";:/?.>,<"; //Random symb public string GetSymbol(int Length) { Random Rand = new Random(DateTime.Now.Millisecond); StringBuilder result = new StringBuilder(); for (int i = 0; i < Length; i++) result.Append(_SymbolsAll[Rand.Next(0, _SymbolsAll.Length)]); return result.ToString(); }
编辑string_SymbolsAll
为您的数组列表。
为接受的答案添加了一些补充代码。 它改进了只使用随机的答案,并允许一些密码选项。 我也喜欢KeePass答案中的一些选项,但不希望在我的解决scheme中包含可执行文件。
private string RandomPassword(int length, bool includeCharacters, bool includeNumbers, bool includeUppercase, bool includeNonAlphaNumericCharacters, bool includeLookAlikes) { if (length < 8 || length > 128) throw new ArgumentOutOfRangeException("length"); if (!includeCharacters && !includeNumbers && !includeNonAlphaNumericCharacters) throw new ArgumentException("RandomPassword-Key arguments all false, no values would be returned"); string pw = ""; do { pw += System.Web.Security.Membership.GeneratePassword(128, 25); pw = RemoveCharacters(pw, includeCharacters, includeNumbers, includeUppercase, includeNonAlphaNumericCharacters, includeLookAlikes); } while (pw.Length < length); return pw.Substring(0, length); } private string RemoveCharacters(string passwordString, bool includeCharacters, bool includeNumbers, bool includeUppercase, bool includeNonAlphaNumericCharacters, bool includeLookAlikes) { if (!includeCharacters) { var remove = new string[] { "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z" }; foreach (string r in remove) { passwordString = passwordString.Replace(r, string.Empty); passwordString = passwordString.Replace(r.ToUpper(), string.Empty); } } if (!includeNumbers) { var remove = new string[] { "0", "1", "2", "3", "4", "5", "6", "7", "8", "9" }; foreach (string r in remove) passwordString = passwordString.Replace(r, string.Empty); } if (!includeUppercase) passwordString = passwordString.ToLower(); if (!includeNonAlphaNumericCharacters) { var remove = new string[] { "!", "@", "#", "$", "%", "^", "&", "*", "(", ")", "-", "_", "+", "=", "{", "}", "[", "]", "|", "\\", ":", ";", "<", ">", "/", "?", "." }; foreach (string r in remove) passwordString = passwordString.Replace(r, string.Empty); } if (!includeLookAlikes) { var remove = new string[] { "(", ")", "0", "O", "o", "1", "i", "I", "l", "|", "!", ":", ";" }; foreach (string r in remove) passwordString = passwordString.Replace(r, string.Empty); } return passwordString; }
这是我search生成随机密码时的第一个链接,以下内容超出了当前问题的范围,但可能很重要。
- 基于
System.Web.Security.Membership.GeneratePassword
是encryption保护的假设,并且至less有20%的字符是非字母数字。 - 不确定删除字符和附加string在这种情况下被认为是好的做法,并提供足够的熵。
- 可能要考虑使用SecureString以某种方式实现内存中的安全密码存储。
validChars可以是任何构造,但我决定select基于ascii代码范围删除控制字符。 在这个例子中,它是一个12个字符的string。
string validChars = String.Join("", Enumerable.Range(33, (126 - 33)).Where(i => !(new int[] { 34, 38, 39, 44, 60, 62, 96 }).Contains(i)).Select(i => { return (char)i; })); string.Join("", Enumerable.Range(1, 12).Select(i => { return validChars[(new Random(Guid.NewGuid().GetHashCode())).Next(0, validChars.Length - 1)]; }))
插入一个定时器:timer1,2button:button1,button2,1 textBox:textBox1和一个comboBox:comboBox1。 确保你声明:
int count = 0;
源代码:
private void button1_Click(object sender, EventArgs e) { // This clears the textBox, resets the count, and starts the timer count = 0; textBox1.Clear(); timer1.Start(); } private void timer1_Tick(object sender, EventArgs e) { // This generates the password, and types it in the textBox count += 1; string possible = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"; string psw = ""; Random rnd = new Random { }; psw += possible[rnd.Next(possible.Length)]; textBox1.Text += psw; if (count == (comboBox1.SelectedIndex + 1)) { timer1.Stop(); } } private void Form1_Load(object sender, EventArgs e) { // This adds password lengths to the comboBox to choose from. comboBox1.Items.Add("1"); comboBox1.Items.Add("2"); comboBox1.Items.Add("3"); comboBox1.Items.Add("4"); comboBox1.Items.Add("5"); comboBox1.Items.Add("6"); comboBox1.Items.Add("7"); comboBox1.Items.Add("8"); comboBox1.Items.Add("9"); comboBox1.Items.Add("10"); comboBox1.Items.Add("11"); comboBox1.Items.Add("12"); } private void button2_click(object sender, EventArgs e) { // This encrypts the password tochar = textBox1.Text; textBox1.Clear(); char[] carray = tochar.ToCharArray(); for (int i = 0; i < carray.Length; i++) { int num = Convert.ToInt32(carray[i]) + 10; string cvrt = Convert.ToChar(num).ToString(); textBox1.Text += cvrt; } }
public string Sifre_Uret(int boy, int noalfa) { // 01.03.2016 // Genel amaçlı şifre üretme fonksiyonu //Fonskiyon 128 den büyük olmasına izin vermiyor. if (boy > 128 ) { boy = 128; } if (noalfa > 128) { noalfa = 128; } if (noalfa > boy) { noalfa = boy; } string passch = System.Web.Security.Membership.GeneratePassword(boy, noalfa); //URL encoding ve Url Pass + json sorunu yaratabilecekler pass ediliyor. //Microsoft Garanti etmiyor. Alfa Sayısallar Olabiliyorimiş . !@#$%^&*()_-+=[{]};:<>|./?. //https://msdn.microsoft.com/tr-tr/library/system.web.security.membership.generatepassword(v=vs.110).aspx //URL ve Json ajax lar için filtreleme passch = passch.Replace(":", "z"); passch = passch.Replace(";", "W"); passch = passch.Replace("'", "t"); passch = passch.Replace("\"", "r"); passch = passch.Replace("/", "+"); passch = passch.Replace("\\", "e"); passch = passch.Replace("?", "9"); passch = passch.Replace("&", "8"); passch = passch.Replace("#", "D"); passch = passch.Replace("%", "u"); passch = passch.Replace("=", "4"); passch = passch.Replace("~", "1"); passch = passch.Replace("[", "2"); passch = passch.Replace("]", "3"); passch = passch.Replace("{", "g"); passch = passch.Replace("}", "J"); //passch = passch.Replace("(", "6"); //passch = passch.Replace(")", "0"); //passch = passch.Replace("|", "p"); //passch = passch.Replace("@", "4"); //passch = passch.Replace("!", "u"); //passch = passch.Replace("$", "Z"); //passch = passch.Replace("*", "5"); //passch = passch.Replace("_", "a"); passch = passch.Replace(",", "V"); passch = passch.Replace(".", "N"); passch = passch.Replace("+", "w"); passch = passch.Replace("-", "7"); return passch; }