Generating Strong Passwords On PHP
I use the following snippet of code to generate passwords for my users:
md5(uniqid(mt_rand(), 1))
This returns a 32 character string, which is a hash of "uniqid(mt_rand(), 1)".
uniqid (string uniqid ( string prefix [, bool lcg] )) is a nice function that I discovered which generates unique strings. I prefix it with a random number and set the second parameter to 1 in order to add some entropy. This makes results more unique.
Note: When using PHP versions prior to 4.2.0, the random number generator needs to be seeded. The following snippet is generally accepted as the seed to use.
mt_srand((double) microtime() * 1000000);
Here is a few examples of the sorts of passwords that this code generates:
97dfafa794
8b8a16d017
90b18f296c
dd7e177c5a
7a96fed079
As you can see, very random (ignoring the fact that it only uses 0-9a-f (...*cough*)).