Here is a generic function that will generate a password string using letters and numbers.

Function GeneratePassword()
Dim strPass, i
Randomize
For i = 0 To 7
Select Case Int(((3-1+1) * Rnd) + 1)
Case 1
strPass = strPass & Chr(Int(((57-48+1) * Rnd) + 48))
Case 2
strPass = strPass & Chr(Int(((122-97+1) * Rnd) + 97))
Case 3
strPass = strPass & Chr(Int(((122-97+1) * Rnd) + 97))
End Select
Next
GeneratePassword = strPass
End Function

hi Ecstacy,

this can be done with the rnd() function. to get a random password out of random numbers, create a loop depending on the passwords length and a string containing all allowed letters and numbers first. in each loop randomly pick out one of the letters with the rnd() function and concat them. voila, your random password is done.

korkus2000,

What if this function will generate a particular password again as it is genberated by random method?

Thats ok, but the probablilty is low. The password should be matched up to username so you create a new record. If you have to have a unique password match against existing passwords and regenerate. Of course you are talking about a huge slow down in processing.

Iīd look for an ASP implementation of the md5 algorithm.

So, according to you I may proceed with this code without any hesitation. right?

I don't see any problem with it. Keeping it secure is the hard part. Generating an 8 digit/character string is the easy part. If you want to be super fancy you can use a log to test each password like credit cards numbers use. I don't know how to do that.

It's ok.
Thanks a lot for your response.
Can you tell me whtat is md5 algorithm?

[The MD5 algorithm] takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input. It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or to produce any message having a given prespecified target message digest. The MD5 algorithm is intended for digital signature applications, where a large file must be "compressed" in a secure manner before being encrypted with a private (secret) key under a public-key cryptosystem such as RSA.

[faqs.org...]

You might want to have a look at md5() [php.net] or Digest::MD5 [perldoc.com] to get an idea what this is about.

The md5 digest of "Aaron" in a hex form is "1c0a11cc4ddc0dbd3fa4d77232a4e22e". If you take a unique message (time, process number, and some string) then your digest will be unique as well. This will solve your problem of getting the same password twice.

Andreas

what exactly md5 algorithm is?
And can i use it for my automatic generated password's security?

Thanks a lotandreasfriedrich.

I've got something now.

Can you tell me how to implement md5 algorithm to any asp page?

If you want to implement it yourself start with the RFC link that I provided. Otherwise search for a ready made library. I do not use ASP myself so I canīt point you to one. But a search on Google for "md5 asp" might yield some results ;).

Andreas

ok
thanks