{"id":34,"date":"2017-08-23T09:13:42","date_gmt":"2017-08-23T07:13:42","guid":{"rendered":"http:\/\/www.tomvst.be\/blog\/?p=34"},"modified":"2017-08-23T09:15:17","modified_gmt":"2017-08-23T07:15:17","slug":"php7-generate-secure-password-based-on-a-string-of-allowed-characters","status":"publish","type":"post","link":"https:\/\/www.tomvst.net\/blog\/2017\/08\/php7-generate-secure-password-based-on-a-string-of-allowed-characters\/","title":{"rendered":"PHP7: Generate secure password based on a string of allowed characters"},"content":{"rendered":"<p>There are quite some easy implementations out there to generate a secure random string in PHP, most of them by encoding a binary string using Base64 or bin2hex. However, this limits the characters used in your password (Base64 = A-Z, a-z, 0-9 and + and \/; bin2hex = 0-9 and a-f).<\/p>\n<p>&nbsp;<\/p>\n<p>Here I&#8217;ll share my solution to generate a secure password (requires PHP 7) based on a predefined character string. This leaves you the option to add complex characters (*\/-+%{}&amp;@# etc) or leave out similarly readable ones (O and 0, I and l,&#8230;).<\/p>\n<pre>$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789*\/-+[]{}&amp;#';\r\n$pass = '';\r\nfor ($x=0; $x&lt;24; $x++) {\r\n  $pass .= $chars[hexdec(bin2hex(random_bytes(1)))%strlen($chars)];\r\n}<\/pre>\n<p>You can modify the length of your password by changing the 24 into anything desired, and adding or removing characters from the $chars string.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>There are quite some easy implementations out there to generate a secure random string in PHP, most of them by encoding a binary string using&hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[15,16],"tags":[18,17,19],"class_list":["post-34","post","type-post","status-publish","format-standard","hentry","category-php","category-security","tag-password-generator","tag-php7","tag-secure-string"],"_links":{"self":[{"href":"https:\/\/www.tomvst.net\/blog\/wp-json\/wp\/v2\/posts\/34","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tomvst.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tomvst.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tomvst.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tomvst.net\/blog\/wp-json\/wp\/v2\/comments?post=34"}],"version-history":[{"count":2,"href":"https:\/\/www.tomvst.net\/blog\/wp-json\/wp\/v2\/posts\/34\/revisions"}],"predecessor-version":[{"id":36,"href":"https:\/\/www.tomvst.net\/blog\/wp-json\/wp\/v2\/posts\/34\/revisions\/36"}],"wp:attachment":[{"href":"https:\/\/www.tomvst.net\/blog\/wp-json\/wp\/v2\/media?parent=34"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tomvst.net\/blog\/wp-json\/wp\/v2\/categories?post=34"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tomvst.net\/blog\/wp-json\/wp\/v2\/tags?post=34"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}