Re: Generating random values. - Mailing list pgsql-general

From Mike Nolan
Subject Re: Generating random values.
Date
Msg-id 200508171735.j7HHZcI7026929@gw.tssi.com
Whole thread Raw
In response to Generating random values.  (Fernando Lujan <flujan@gmail.com>)
List pgsql-general
> I have a table wich contains my users... I want to insert to each user
> a random password, so I need a random function. Is there such function
> in Postgres? I just found the RANDOM which generates values between
> 0.0 and 1.0.

If you multiply that random number by a large integer and then truncate
or round the result, you will get a random integer between 0 and
whatever you use as a multiplier.

For example, 'select round(random() * 999999)' will generate a six digit
random integer.

Whether that's a good password generator is a completely different subject,
one for which there is no 'best' answer.

The more arbitrary the password, the more likely the user is to write it
down or have it saved in a password file on their computer, both of which
tend to defeat the purpose of having passwords in the first place.

I find some rather silly password 'standards' out there.  For example,
one company I've done business with requires that their passwords be
EXACTLY six characters long, of which two must be UPPER CASE letters,
two must be lower case letters and two must be numbers.

I have a short PHP program which generates (IMHO) better random passwords,
using several random numbers to select two short words (2-4 characters)
from a dictionary file and adding in a number.

Here are a few passwords generated by it just now:

caps270nods
egopegs326
mast659quip
semi607it
rots505hot

I usually generate 3 or 4 passwords then let the user pick one.  I often
screen the output so that I don't get passwords like this one:

pissbum560
--
Mike Nolan

pgsql-general by date:

Previous
From: eu
Date:
Subject: PostgreSQL 8.0.3 limiting max_connections to 64 ?
Next
From: Greg Stark
Date:
Subject: Re: table clustering brings joy