Never ever ever never use Random() in the generation of anything that requires true security/randomness Var shuffeldChars = source.ShuffleSecure().ToArray() Public static string ShuffleTextSecure(this string source) Int randomIndex = (counter, sourceArray.Length) Public static IEnumerable ShuffleSecure(this IEnumerable source)įor (int counter = 0 counter < sourceArray.Length counter++) New Lazy(() => new RandomSecureVersion()) Private string GetRandomString(string possibleChars, int lenght)įor (var position = 0 position RandomSecure = Var result = unshuffeledResult.ShuffleTextSecure() Shuffle the result so the order of the characters are unpredictable Var unshuffeledResult = minimumChars + rest Var rest = GetRandomString(_allAvailableChars, lengthOfPassword - minimumChars.Length) GetRandomString(AllSpecialChars, MinimumSpecialChars) GetRandomString(AllNumericChars, MinimumNumericChars) + GetRandomString(AllUpperCaseChars, MinimumUpperCaseChars) + Var minimumChars = GetRandomString(AllLowerCaseChars, MinimumLowerCaseChars) + add random charactes of all catagories Get the required number of characters of each catagory and Var lengthOfPassword = _randomSecure.Next(MinimumLengthPassword, MaximumLengthPassword) If (minimumLowerCaseChars 0 || _minimumNumberOfChars = 0 ? allChars : string.Empty
Throw new ArgumentException("The minimumLength is bigger than the maximum length.", If (minimumLengthPassword maximumLengthPassword) Define characters that are valid and reject ambiguous characters such as ilo, IO and 1 or 0ĪllLowerCaseChars = GetCharRange('a', 'z', exclusiveChars: "ilo") ĪllUpperCaseChars = GetCharRange('A', 'Z', exclusiveChars: "IO") ĪllNumericChars = GetCharRange('2', '9') Private readonly RandomSecureVersion _randomSecure = new RandomSecureVersion() Private readonly string _allAvailableChars
Not sure where I found this but here's a class to generate high entropy, truly random strings that can be used as passwords.
0 kommentar(er)
