HiveBrain v1.2.0
Get Started
← Back to all entries
patternjavascriptMinor

Improve random password generator

Submitted by: @import:stackexchange-codereview··
0
Viewed 0 times
improverandomgeneratorpassword

Problem

Can you please take a look at my code and improve it (if necessary)?

http://jsfiddle.net/U6R6E/

Javascript (with jQuery)

function random(min, max) {
    return min + parseInt(Math.random() * (max - min + 1), 10);
}
function generatePassword() {
    var length = parseInt($('#pwLength').val(), 10),
        charset = $('#pwChars').val(),
        password = "";
    while (length > 0) {
        length -= 1;
        console.log(length);
        password += charset[random(0, charset.length - 1)];
    }
    return password;
}
function getNewPassword() {
    $('#pwResult').html(generatePassword());
}
$(document).ready(function () {
    getNewPassword();
    $('#getNewPw').click(function () {
        getNewPassword();
        return false;
    });
});


HTML


    
    
    New

Solution

Math.random() doesn't return cryptographically secure numbers on all browsers. If this is intended for production use, you'll want to use a library that has a secure PRNG.

If you're not going to go with Jerry's suggestion to make pronounceable passwords, I'd recommend at least getting rid of 1/l/I and O/0, which a number of password generators do by default, because people often mis-read them and then request a password reset.

Context

StackExchange Code Review Q#30211, answer score: 9

Revisions (0)

No revisions yet.