Life is grand: Random Ruby Password Magic

  • Kenny Kerr · 3 years ago
    I thought I’d mention that there are two fundamental problems with using a general purpose random number generator (RNG) – regardless of language or platform. The first is scale. If you’re relying on an even distribution in a server context with concurrent users then you’re out of luck with the .NET Framework’s Random class and most other general purpose implementations. This also applies to other applications that rely heavily on random numbers for statistics or game play for example. The second issue is security. Any use of an RNG is a prime target for attack as they can easily be foiled to produce the same number. This is a problem when random numbers are used for passwords, establishing session keys, etc. What you need is a cryptographic RNG. For managed code you can rely on the RNGCryptoServiceProvider class. Does Ruby provide something comparable?
  • Farrel Lifson · 3 years ago
    IMO I prefer 8.times over 1.upto(8).
  • Paul Watson · 3 years ago
    Nice improvement, thanks Farrel.
  • bobes · 2 years ago
    password = (1..8).collect { |i| schars[rand(schars.length), 1]}
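
On the question raised in the first comment: Ruby's standard library ships `SecureRandom`, which draws from the operating system's CSPRNG. The sketch below is an added example, not code from the original post or from any commenter; the `SCHARS` alphabet and both method names are assumptions, since the post's `schars` is not shown on this page.

```ruby
require 'securerandom'

# Assumed alphabet; stands in for the post's `schars`, which is not defined here.
SCHARS = [*('a'..'z'), *('A'..'Z'), *('0'..'9')].join.freeze

# Weak: Kernel#rand and Random are a Mersenne Twister PRNG. Whoever knows
# or recovers the seed can regenerate every password it ever produced.
def prng_password(seed, length = 8)
  rng = Random.new(seed)
  Array.new(length) { SCHARS[rng.rand(SCHARS.length)] }.join
end

# Better: SecureRandom.random_number(n) returns a uniformly distributed
# integer in 0...n from the OS CSPRNG, so indexing has no modulo bias.
def secure_password(length = 8)
  Array.new(length) { SCHARS[SecureRandom.random_number(SCHARS.length)] }.join
end

if __FILE__ == $PROGRAM_NAME
  puts prng_password(1234) # same seed (constructed value) ...
  puts prng_password(1234) # ... same "random" password
  puts secure_password     # not reproducible from a seed
end
```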