tag:blogger.com,1999:blog-4975003600549562099.post1830990835978345005..comments2024-03-21T08:41:58.016-07:00Comments on MySQL Stored Procedures and Functions: Truly Random and Complex Password Generator - Part 1 of 20v34c10ckhttp://www.blogger.com/profile/08190457138541999570noreply@blogger.comBlogger4125tag:blogger.com,1999:blog-4975003600549562099.post-41985549338784804982015-08-06T04:45:41.472-07:002015-08-06T04:45:41.472-07:00@Tim You're welcome. If you remove characters,...@Tim You're welcome. If you remove characters, you will need to adjust your dice. The dice roll value is based on the amount of characters that will be randomly selected.Anonymoushttps://www.blogger.com/profile/02255184849568648527noreply@blogger.comtag:blogger.com,1999:blog-4975003600549562099.post-69454224081342139062015-02-20T10:51:08.499-08:002015-02-20T10:51:08.499-08:00This is a great function, thank you. If I want to...This is a great function, thank you. If I want to remove some of the characters from the set randomChar string what else would I need to change? We have some applications that don't behave well with a few of these characters. When I just remove the character I frequently get a NULL returned from the function.<br />ThanksTim Toennieshttps://www.blogger.com/profile/18351760252435386823noreply@blogger.comtag:blogger.com,1999:blog-4975003600549562099.post-41348124955676472162011-06-08T17:47:43.577-07:002011-06-08T17:47:43.577-07:00@water outbreaks
Thank you for your feedback.
Th...@water outbreaks<br /><br />Thank you for your feedback.<br /><br />The RAND() function gets predictability issues when it is seeded repeatedly with the current time, and because it is meant to be fast, the time is the same and it is re-seeded with the same seed. The predictability issue is that the random number generated is exactly the same, not a similar or close number from the previously generated one.<br /><br />The solution presented here does not use seeded values such as RAND(3) in the example shown in the manual. RAND() can be repeatedly called without any predictability issues. The manual has to be updated to clarify that it refers to the seed value issue.<br /><br />Regarding GPUs cracking strong passwords, the recommendation is to increase the password length. The 8-character password string stated here is meant to be just an example as stated above. Use a 12-character random password string and even GPUs will take years to crack it.0v34c10ckhttps://www.blogger.com/profile/08190457138541999570noreply@blogger.comtag:blogger.com,1999:blog-4975003600549562099.post-59927121275166628482011-06-08T12:53:18.819-07:002011-06-08T12:53:18.819-07:00If you are using mysql's Rand function, than y...If you are using mysql's Rand function, than you can't say its "Truly Random". Rand is pseudo random, not perfectly, truly random. Therefore, anything you create with it, is not truly random. <br /><br />From the myslq manual<br /><br />http://dev.mysql.com/doc/refman/5.0/en/mathematical-functions.html#function_rand<br /><br />"RAND() is not meant to be a perfect random generator. It is a fast way to generate random numbers on demand that is portable between platforms for the same MySQL version. "<br /><br />That will create strong passwords that are not easily cracked without brute forcing them, which unfortunately is pretty easy these days:<br /><br />http://www.zdnet.com/blog/hardware/cheap-gpus-are-rendering-strong-passwords-useless/13125water outbreakshttps://www.blogger.com/profile/06183882709784530159noreply@blogger.com