Life is grand

Random Ruby Password Magic

I have never been a big language geek. My CV lists a raft of them; C#, JavaScript, Ruby, VBScript and even COBOL. But I know many coders (like Kenny, Brian or David) who have a much deeper understanding than I do. On a daily basis Brian shows me twists and turns of C# that I had no idea about. I am not ashamed about this though. Programmers aren’t one type. We have generalists and specialists, high-level chaps and on-the-metal sorts.

Occasionally though along comes a language or system that works the way I think. I then go to another level of understanding with it. HTML and CSS may not be strict programming languages but I do know them to a far greater degree than I do other languages. I am dead confident with them which is a nice feeling.

I reckon Ruby is fast revealing itself to be a language I will grow to be confident in, one I’ll understand beyond my usual level. It feels right.

Just an hour ago I needed some Ruby code that would generate a random string of characters (for a password system in this case.) One Google later and I came across this post. A comment by Scott Becker blew me away with its usesfulness and simplicity. Here is the code:
schars = "0124356789abcdefghijk" password = "" 1.upto(8) { password += schars[rand(schars.length),1] }

In other languages a line like that would leave me scratching my head and turning to Brian but in Ruby it made elegant, simple sense.

This entry was posted on Thursday, June 1st, 2006 at 2:57 pm and is filed under Code, Development, Generator, Password, Random, Ruby. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Viewing 4 Comments

Kenny Kerr 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

I thought I’d mention that there are two fundamental problems with using a general purpose random number generator (RNG) – regardless of language or platform. The first is scale. If you’re relying on an even distribution in a server context with concurrent users then you’re out of luck with the .NET Framework’s Random class and most other general purpose implementations. This also applies to other applications that rely heavily on random numbers for statistics or game play for example. The second issue is security. Any use of an RNG is a prime target for attack as they can easily be foiled to produce the same number. This is a problem when random numbers are used for passwords, establishing session keys, etc. What you need is a cryptographic RNG. For managed code you can rely on the RNGCryptoServiceProvider class. Does Ruby provide something comparable?

reply edit reblog flag record video comment

http://weblogs.asp.net/kennykerr/

Farrel Lifson 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

IMO I prefer 8.times over 1.upto(8).

reply edit reblog flag record video comment

http://www.lifson.info

Paul Watson 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

Nice improvement, thanks Farrel.

reply edit reblog flag record video comment

http://www.paulmwatson.com/

bobes 1 year ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

password = (1..8).collect { |i| schars[rand(schars.length), 1]}

reply edit reblog flag record video comment

Random Ruby Password Magic

Add New Comment

Viewing 4 Comments

Add New Comment

Trackbacks