http://lifeisgrand.disqus.com/enSun, 11 Feb 2007 09:10:32 -0000http://paulmwatson.com/journal/2006/06/01/random-ruby-password-magic/#comment-1280469password = (1..8).collect { |i| schars[rand(schars.length), 1]}bobesSun, 11 Feb 2007 09:10:32 -0000http://paulmwatson.com/journal/2006/06/01/random-ruby-password-magic/#comment-1280468Nice improvement, thanks Farrel.Paul WatsonSun, 04 Jun 2006 15:07:38 -0000http://paulmwatson.com/journal/2006/06/01/random-ruby-password-magic/#comment-1280467IMO I prefer 8.times over 1.upto(8).Farrel LifsonSun, 04 Jun 2006 09:25:15 -0000http://paulmwatson.com/journal/2006/06/01/random-ruby-password-magic/#comment-1280466I thought I’d mention that there are two fundamental problems with using a general purpose random number generator (RNG) – regardless of language or platform. The first is scale. If you’re relying on an even distribution in a server context with concurrent users then you’re out of luck with the .NET Framework’s Random class and most other general purpose implementations. This also applies to other applications that rely heavily on random numbers for statistics or game play for example. The second issue is security. Any use of an RNG is a prime target for attack as they can easily be foiled to produce the same number. This is a problem when random numbers are used for passwords, establishing session keys, etc. What you need is a cryptographic RNG. For managed code you can rely on the RNGCryptoServiceProvider class. Does Ruby provide something comparable?Kenny KerrThu, 01 Jun 2006 23:20:59 -0000