Below is a script I generated to create a 12 digit unique membership id. I
originally wanted upper and lower case letters but was over ruled for the
end user's sake =) Anyway, change the 1*rnd to a 2*rnd and you'll get
uppercase, lowercase, and numbers in your randomstring. Change the 'for
counter = 1 to x' to increase/decrease the length of the string.

Our application was stored in a backend database so each of the IDs we
generate is compared to the existing data in the table. If a match is found
it'll loop through the code and generate a new ID. We'll never get a dupe
that way =) I removed that code for the sake of this posting. --> also, we
run this as a stored procedure for performance reasons. It'll run great as
an ASP page though for single use applications.

Here's an example of the output:

Your MembershipID number is: 7PaUOZN3RcC2

Bill

<%

dim MembershipID

Function NewLongID()
Dim TempLongID
   For Counter = 1 to 12
   ' Generate a 12 digit MembershipID
      Randomize Timer / RND
          ' use the system timer as the seed to get a random number and divide it
by a random number
          WhichChar = cInt(1 * RND + 1) 'generate a 1 or a 2, skip 3 for now change
to: 2* if we need 1, 2, or 3
          select case WhichChar
                 case "1"
                         ' Generate a random uppercase letter
                         TempLongID = TempLongID & Chr((ASC("Z") - ASC("A")) * RND + ASC("A"))
                 case "2"
                         ' Generate a random number
                    TempLongID = TempLongID & Chr((ASC("9") - ASC("0")) * RND + ASC("0"))
             case "3"
                    ' Generate a random lowercase letter
                    TempLongID = TempLongID & Chr((ASC("z") - ASC("a")) * RND + ASC("a"))
                 case else
                    ' This should never happen if you have the formula for "WhichChar"
                        ' entered correctly!
                    TempLongID = "oops! = '" & WhichChar & "'"
          end select
   Next
   NewLongID = TempLongID
End Function

MembershipID=NewLongID()

%>
<html>
<head>
<title></title>
<body>
Your MembershipID number is: <b><%=MembershipID%></b><br>
</body>
</html>

-----Original Message-----
From: calyth [mailto:calythhome.com]
Sent: Thursday, December 20, 2001 3:03 PM
To: focus-mssecurityfocus.com
Subject: Re: question regarding SAM file / l0phtcrack / pwdump2

> Why not follow some of the simple steps put forth by
> Microsoft in the first place. I didn't catch if you
> were on NT or 2K (late to the thread, sorry) but what
> about installing PASSFILT.DLL on your systems, setting
> minimum password lengths, enabling password histories,
> enabling auditing, etc. Ntsecurity.nu has
> 'strongpass.dll' which can enhance the restrictions on
> passwords even further.

Why don't you just use a random password generator then? If your network is
all
Windows, then I think it wouldn't mind if you use symbols as password. See
if
you can grab a random password generator, specify the characters you want to
use, and make the users to use it. Unless they want to know how the password
system works, I'll doubt if they'll ever create a good password themselves.

Calyth

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]