DZone Snippets is a public source code repository. Easily build up your personal collection of code snippets, categorize them with tags / keywords, and share them with the world

Mickael Gerard

Mickael has posted 15 posts at DZone. View Full User Profile

Generate Random Password In Ruby

03.06.2007

| 21342 views |

        Aaron Blohowiak suggests adding this as a public method in user.rb:

def new_random_password
  self.password= Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{login}--")[0,6]
  self.password_confirmation = self.password
end

Tags:

Comments

Snippets Manager replied on Tue, 2009/01/06 - 8:48am

As I know, this is about Ruby 1.9 Many production servers still based on Ruby 1.8.6

Snippets Manager replied on Mon, 2012/05/07 - 2:36pm

Maybe this is more secure?


ActiveSupport::SecureRandom.base64(6)

Snippets Manager replied on Tue, 2009/01/06 - 8:48am

I've wrote an article about generate random password before user has been saved Please take a look: http://railsgeek.com/2009/1/6/generate-random-password-in-rails

Snippets Manager replied on Mon, 2007/03/26 - 12:53pm

It makes me pretty nervous to use passwords that weak by default. This has more characters and more randomness: self.password = Base64.encode64(Digest::SHA1.digest("#{rand(1<<64)}/#{Time.now.to_f}/#{Process.pid}/#{login}"))[0..7] But ultimately, if somebody knows about when you created the password and what your username are, there aren't that many possibilities to try. It would be best to include something truly random, which is hard to do cross-platform.