Random passwords generation (Python vs Perl) =)

[NoName]

Perl:
@char=("A".."Z","a".."z",0..9);
do{print join("",@char[map{rand @char}(1..8)])}while(<>);

!!generate passwords untill U press ctrl-z



Python (from CookBook):

from random import choice
import string
print ''.join([choice(string.letters+string.digits) for i in
range(1,8)])

!!generate password once

who can write this smaller or without 'import'?

 

[Leif K-Brooks]

from random import choice
import string
print ''.join([choice(string.letters+string.digits) for i in
range(1,8)])

!!generate password once

So add a while true: line.

who can write this smaller or without 'import'?

Why are those your goals?

 

[Paul Rubin]

from random import choice
import string
print ''.join([choice(string.letters+string.digits) for i in
range(1,8)])

!!generate password once

who can write this smaller or without 'import'?

If you don't mind possibly getting a few nonalphanumeric characters:

import os,binascii
print binascii.b2a_base64(os.urandom(6))

 

[Paul McGuire]

Perl:
@char=("A".."Z","a".."z",0..9);
do{print join("",@char[map{rand @char}(1..8)])}while(<>);

!!generate passwords untill U press ctrl-z

Python (from CookBook):

from random import choice
import string
print ''.join([choice(string.letters+string.digits) for i in
range(1,8)])

!!generate password once

who can write this smaller or without 'import'?

from random import choice
pwdchars = ''.join(chr(c) for c in range(ord('a'),ord('z')+1)+
range(ord('A'),ord('Z')+1)+
range(ord('0'),ord('9')+1) )

while(True) : print ''.join(choice(pwdchars) for i in range(8))


(Note that you want to use range(8), not range(1,8), since range gives
you the values [a,b) if two arguments are given, or [0,a) if only one
is given, and it appears that you want 8-character passwords.)

But really, there's nothing wrong with using import, and reusing known
good code from the string module is better than reimplementing it in
new code as I have done (less code === fewer opportunities for bugs).
rand is not a built-in as it apparently is in Perl, but random is part
of the core library, so all Python installs will have it available -
likewise for string.

-- Paul

 

[James Stroud]

Perl:
@char=("A".."Z","a".."z",0..9);
do{print join("",@char[map{rand @char}(1..8)])}while(<>);

!!generate passwords untill U press ctrl-z



Python (from CookBook):

from random import choice
import string
print ''.join([choice(string.letters+string.digits) for i in
range(1,8)])

!!generate password once

Make a loop.

who can write this smaller

I won't write it for you, but I'll tell you how:

Write a function for the whole loop and the password generator and from
then on it will be a one-liner (as a function call).

> or without 'import'?

Yes, make sure you do the import inside the function.

If you follow my advice, you will be able to get as many passwords as
you want with one line (and no spaces, even!):

generate_passwords()

It also reads much clearer than the perl version, don't you think?

By the way, you can also make a script. Call it "genpass", then at the
command prompt, it will be far less than one line:

% genpass

Or, if you are using DOS/Windows:

C:> genpass

A lot of systems don't have a standard command called "g", so then you
can turn it into *ONE LETTER*!!! That beats the pants off perl!

% g

Or, of course, for DOS:

C:> g

Good luck!

James

 

[Paul Rubin]

from random import choice

Security note: if you're trying to generate real passwords this way,
you're better off using os.urandom instead of the random module to
generate the random numbers. The random module's results are supposed
to be statistically uncorrelated (good for stuff like games and
simulations) but they don't try to resist guessing by malicious
attackers. os.urandom results are supposed to be unguessable.

 

[NoName]

Hmmm..
In the Perl example password generates after user hit ENTER not
continously like in Python you wrote...

i want see various ways to generate passwords even if they some
indirect like using BASE64

thanks all


p.s. sorry for my eng

 

[Szabolcs Nagy]

If you don't mind possibly getting a few nonalphanumeric characters:

import os,binascii
print binascii.b2a_base64(os.urandom(6))

what about

file('/dev/urandom').read(6).encode('base64')

(oneliner and without import sa op requested)

 

[Szabolcs Nagy]

If you don't mind possibly getting a few nonalphanumeric characters:

import os,binascii
print binascii.b2a_base64(os.urandom(6))

what about

file('/dev/urandom').read(6).encode('base64')

(oneliner and without import as op requested)

 

[Paul Rubin]

file('/dev/urandom').read(6).encode('base64')
(oneliner and without import sa op requested)

Nice, though Un*x dependent (os.urandom is supposed to be portable).

 

[sturlamolden]

Is os.urandom cryptographically strong on all platforms?

 

[Laszlo Nagy]

NoName írta:

Hmmm..
In the Perl example password generates after user hit ENTER not
continously like in Python you wrote...

i want see various ways to generate passwords even if they some
indirect like using BASE64

I copied this from a recipe, I do not remember which one. I like it very
much because it creates password that are easy to type in. You can type
every odd letter with your left hand and every even letter with your
right hand.

Best,

Leslie

from random import Random

PASSWORD_LENGTH = 10

rng = Random()

def generatePassword(length=PASSWORD_LENGTH,alternate_hands=True):
righthand = '23456qwertasdfgzxcvbQWERTASDFGZXCVB'
lefthand = '789yuiophjknmYUIPHJKLNM'
allchars = righthand + lefthand
res = ""
for i in range(length):
if not alternate_hands:
res += rng.choice(allchars)
else:
if i%2:
res += rng.choice(lefthand)
else:
res += rng.choice(righthand)
return res


if __name__ == '__main__':
for i in range(10):
print generatePassword()

 

[Szabolcs Nagy]

Is os.urandom cryptographically strong on all platforms?

http://docs.python.org/lib/os-miscfunc.html

"The returned data should be unpredictable enough for cryptographic
applications, though its exact quality depends on the OS
implementation."

 

[Stargaming]

Perl:
@char=("A".."Z","a".."z",0..9);
do{print join("",@char[map{rand @char}(1..8)])}while(<>);

!!generate passwords untill U press ctrl-z



Python (from CookBook):

from random import choice
import string
print ''.join([choice(string.letters+string.digits) for i in
range(1,8)])

!!generate password once

who can write this smaller or without 'import'?

If you really want a hack, here it is:

while 1rint
''.join(__import__('random').choice(__import__('string').letters+'1234567890')
for x in xrange(8)),;n=raw_input()

This is a one-liner (though mail transmission may split it up), no
import statements. If someone can come up with an even smaller version,
feel free to post.

-- Stargaming

 

[Szabolcs Nagy]

If you really want a hack, here it is:

while 1rint
''.join(__import__('random').choice(__import__('string').letters+'1234567890')
for x in xrange(8)),;n=raw_input()

This is a one-liner (though mail transmission may split it up), no
import statements. If someone can come up with an even smaller version,
feel free to post.

while
1:i=__import__;print''.join(i('random').choice(i('string').letters
+'1234567890')for x in range(8)),;raw_input()

same but shorter:
i = __import__;
xrange -> range (why use xrange? range is faster and simpler for small
ranges)
n =(not needed)

 

[Szabolcs Nagy]

while
1:i=__import__;print''.join(i('random').choice(i('string').letters
+'1234567890')for x in range(8)),;raw_input()

while
1:i=__import__;r='random';print''.join(i(r).choice(i('string').letters
+'1234567890')for x in`r`),;raw_input()

even shorter:
range -> `'random'`

 

[John Nagle]

Nice, though Un*x dependent (os.urandom is supposed to be portable).

Uh oh. I was looking at the Python "SSL" code recently, and
noted that OpenSSL initializes the keys with '/dev/urandom' if
available, and otherwise relies on the caller to seed it with
random data and to check that enough randomness has been input.

But the Python glue code for SSL doesn't seem to have the
machinery to seed SSL with randomness. I suspect that on
platforms without '/dev/urandom', Python's SSL package may
be using the same keys every time. This needs to be looked
at by a crypto expert.

John Nagle

 

[NoName]

WOW! :shock:

in this case:

while 1:i=__import__;print
i('binascii').b2a_base64(i('os').urandom(6)),;raw_input()

 

[Steven D'Aprano]

NoName írta:
I copied this from a recipe, I do not remember which one. I like it very
much because it creates password that are easy to type in. You can type
every odd letter with your left hand and every even letter with your
right hand.

That weakens the password significantly. For a six character alpha-numeric
password with no special characters, you have (26*2+10)**6 possible
passwords, or 56,800,235,584.

Using your password generator, you have:
23

and therefore only:

35*23*35*23*35*23 = (35*23)**3 = 521,660,125

possible passwords. That's about one percent of the earlier figure, so
you lose about 99% of the strength of the password. For eight character
passwords the difference is even more dramatic: you reduce the strength of
the password by a factor of roughly 99,999,995/100,000,000.

In my opinion, if you're going to accept such a drastic reduction in
password strength, better to go for a password that is easier to memorise
than a hard-to-memorise-but-easy-to-type weak password.

Here's one such algorithm:

* think of a meaningful phrase you won't forget: e.g. "Snow White and the
Seven Dwarves"

* take the first letter of each word: "swatsd"

* mix up the capitals and make it leet: "5Wat7D"

* add some special characters if you can: "5W&t7D"

* if it is not long enough, add a suffix or prefix or both: "p5W&t7D."

And now you have a strong password that you can remember but is unlikely
to be guessed.

 

[Steven D'Aprano]

That is not true.

import timeit
timeit.Timer("range(50)", "").repeat() [2.8599629402160645, 2.8296849727630615, 2.8609859943389893]
timeit.Timer("xrange(50)", "").repeat()

[1.1806831359863281, 1.3563210964202881, 1.1632850170135498]

timeit.Timer("range(5)", "").repeat() [1.7963159084320068, 1.5487189292907715, 1.5596699714660645]
timeit.Timer("xrange(5)", "").repeat()

[1.158560037612915, 1.1807279586791992, 1.1769890785217285]

There is very little reason to use range() unless you actually need the
entire list in one go. In fact, in Python 3.0, the existing range() will
be removed and xrange() will be renamed range().