Results 1 to 11 of 11

Thread: [RESOLVED] Avoiding Duplicates in Random Passwords

  1. #1

    Thread Starter
    Member
    Join Date
    May 2019
    Posts
    50

    Resolved [RESOLVED] Avoiding Duplicates in Random Passwords

    I need to generate a pattern of random string for each file name in a specific directory.
    but i don't know why i have a duplicate result!

    Code:
    Option Explicit
    
    Private Const C_EKEY  As Double = 1.123
    
    Public Function sRandomString(iLength As Integer, ByVal strSeed As String) As String
        Dim i As Integer
        Dim j As Integer
        Dim s As String
        Static b As Boolean
        
      Dim lngX     As Long
      Dim lngI     As Long
      Dim strMap   As String
      Dim strPWD   As String
    
       For lngX = 1 To Len(strSeed)
          lngI = lngI + Asc(Mid$(strSeed, lngX, 1))
       Next lngX
    
       Rnd -1
       Randomize CInt(lngI * C_EKEY)
       
        Do Until j = iLength
            i = Int(100 * Rnd + 36)
            s = s + Chr$(i)
            j = j + 1
        Loop
        sRandomString = s
    End Function

  2. #2
    Hyperactive Member
    Join Date
    Jan 2018
    Posts
    264

    Re: Avoiding Duplicates in Random Passwords

    You're calling Randomize with a non-random seed, so you're guaranteed to get duplicates when you provide the same seed. On top of that, a ton of your "seeds" are equivalent to each other with that weird Asc(Mid$ calculation. VB6's random functions aren't great, but just calling Randomize with no parameters would be vastly better than what you're doing. Or just use FileSystemObject.GetTempName... Are all of the strings you are generating even valid filenames?

    Edit: Oh, I got your question backwards. But you don't really want a random string, you want a one-way hash, right? At a minimum you'll want to do a CRC32 on the file name instead of just adding up the ASCII values.
    Last edited by ahenry; May 17th, 2019 at 05:20 PM.

  3. #3

    Thread Starter
    Member
    Join Date
    May 2019
    Posts
    50

    Re: Avoiding Duplicates in Random Passwords

    Quote Originally Posted by ahenry View Post
    You're calling Randomize with a non-random seed, so you're guaranteed to get duplicates when you provide the same seed. On top of that, a ton of your "seeds" are equivalent to each other with that weird Asc(Mid$ calculation. VB6's random functions aren't great, but just calling Randomize with no parameters would be vastly better than what you're doing. Or just use FileSystemObject.GetTempName... Are all of the strings you are generating even valid filenames?

    Edit: Oh, I got your question backwards. But you don't really want a random string, you want a one-way hash, right? At a minimum you'll want to do a CRC32 on the file name instead of just adding up the ASCII values.
    Yes exactly i want (somehow) to get hash for each file name but with more possibilities of characters, more than CRC32 or MD, MD2, MD4, MD5 or SHA, and i don't want to use any of these hashes.
    All i want is to use the same function above but without duplicates.

  4. #4
    Hyperactive Member
    Join Date
    Jan 2018
    Posts
    264

    Re: Avoiding Duplicates in Random Passwords

    Well if you are dead-set on using the function you posted, then take a crc32 of the initial string, convert the crc to a long, and use that for the Randomize value. It won't be secure, or free of duplicates unless your file names are really short, but you won't produce duplicates all the time like the current code does.

  5. #5

    Thread Starter
    Member
    Join Date
    May 2019
    Posts
    50

    Re: Avoiding Duplicates in Random Passwords

    Quote Originally Posted by ahenry View Post
    Well if you are dead-set on using the function you posted, then take a crc32 of the initial string, convert the crc to a long, and use that for the Randomize value. It won't be secure, or free of duplicates unless your file names are really short, but you won't produce duplicates all the time like the current code does.
    I'll try that, Thank you ahenry.

  6. #6
    PowerPoster
    Join Date
    Jun 2013
    Posts
    7,219

    Re: Avoiding Duplicates in Random Passwords

    Quote Originally Posted by BD48 View Post
    Yes exactly i want (somehow) to get hash for each file name
    but with more possibilities of characters...
    In case you mean the hex-representation of the binary Hash-Results is too long for you -
    you can always switch from Base16 (Hex, having 16Chars in the alphabet) to another alphabet with "more chars" (e.g. Base64).

    But you will still have to hash first.

    Here's a little function, how you could reduce the amount of chars from an MD5-Hash, by using Base64-encoding of the resulting Hash-Bytes:
    Code:
    Function GetBase64Hash(S As String, Optional ByVal CaseSensitive As Boolean) As String
      Dim B() As Byte
      With New_c.Crypt ' vbRichClient5-cCrypt is used here, but any crypto-class usually offers the two methods below
        B = .MD5(IIf(CaseSensitive, S, LCase(S)), False)
        'ReDim Preserve B(0 To 8) 'that way one could reduce the 128Bit-Hash to 72Bit
        GetBase64Hash = Replace(.Base64Enc(B), "/", "#")
      End With
    End Function
    the above will print for:
    Debug.Print GetBase64Hash("MyFile.txt")
    a Base64 result-string of:
    djdqbHiM+V8x#uwk9R7igQ

    and in case you want a shorter String back, you could activate the Redim Preserve line in the above code
    (which will increase the collision-probability of the MD5-HashValue - but those 72Bit are still better than a Crc32 or Crc64 value).
    The result for the above input ("MyFile.txt") would then come out shortened as:
    djdqbHiM+V8x

    Olaf

  7. #7

    Thread Starter
    Member
    Join Date
    May 2019
    Posts
    50

    Re: Avoiding Duplicates in Random Passwords

    Quote Originally Posted by Schmidt View Post
    In case you mean the hex-representation of the binary Hash-Results is too long for you -
    you can always switch from Base16 (Hex, having 16Chars in the alphabet) to another alphabet with "more chars" (e.g. Base64).

    But you will still have to hash first.

    Here's a little function, how you could reduce the amount of chars from an MD5-Hash, by using Base64-encoding of the resulting Hash-Bytes:
    Code:
    Function GetBase64Hash(S As String, Optional ByVal CaseSensitive As Boolean) As String
      Dim B() As Byte
      With New_c.Crypt ' vbRichClient5-cCrypt is used here, but any crypto-class usually offers the two methods below
        B = .MD5(IIf(CaseSensitive, S, LCase(S)), False)
        'ReDim Preserve B(0 To 8) 'that way one could reduce the 128Bit-Hash to 72Bit
        GetBase64Hash = Replace(.Base64Enc(B), "/", "#")
      End With
    End Function
    the above will print for:
    Debug.Print GetBase64Hash("MyFile.txt")
    a Base64 result-string of:
    djdqbHiM+V8x#uwk9R7igQ

    and in case you want a shorter String back, you could activate the Redim Preserve line in the above code
    (which will increase the collision-probability of the MD5-HashValue - but those 72Bit are still better than a Crc32 or Crc64 value).
    The result for the above input ("MyFile.txt") would then come out shortened as:
    djdqbHiM+V8x

    Olaf
    Thank Schmidt, that was a very good idea but i want the result to have more characters like this:
    e=g9¿c\.4&)G>?}'NF\c\[¿V7u,woW&#_
    sY1%!^5mFu(X,A4%16;98mk#7O:1v:SMJ

    my code do that but with duplicates...

    Thank You Schmidt for help

  8. #8
    PowerPoster PlausiblyDamp's Avatar
    Join Date
    Dec 2016
    Location
    Pontypool, Wales
    Posts
    2,458

    Re: Avoiding Duplicates in Random Passwords

    Quote Originally Posted by BD48 View Post
    Thank Schmidt, that was a very good idea but i want the result to have more characters like this:
    e=g9¿c\.4&)G>?}'NF\c\[¿V7u,woW&#_
    sY1%!^5mFu(X,A4%16;98mk#7O:1v:SMJ

    my code do that but with duplicates...

    Thank You Schmidt for help
    Out of interest... Why? Is there a reason something like a SHA256 wouldn't be good enough? Do you want this random filename to be truly random or somehow derived from the filename? If derived from the filename why wouldn't a hash be good enough? If it really is a completely random name then would a GUID be any use? Also you example filename contains characters that are illegal in file names so you might want to filter out the reserved characters mentioned here

  9. #9

    Thread Starter
    Member
    Join Date
    May 2019
    Posts
    50

    Re: Avoiding Duplicates in Random Passwords

    Quote Originally Posted by PlausiblyDamp View Post
    Out of interest... Why? Is there a reason something like a SHA256 wouldn't be good enough? Do you want this random filename to be truly random or somehow derived from the filename? If derived from the filename why wouldn't a hash be good enough? If it really is a completely random name then would a GUID be any use? Also you example filename contains characters that are illegal in file names so you might want to filter out the reserved characters mentioned here
    PlausiblyDamp, i want to generate a string with combination of every possible characters depending on the file name like you said (derived from the file name), the SHA hash (E1744A525099D9A53C0460EF9CB7AB0E4C4FC939) generate a limited characters and GUID do the same.
    but maybe converting the SHA hash to string could help!.

    Thank you PlausiblyDamp for help

  10. #10
    PowerPoster
    Join Date
    Jun 2013
    Posts
    7,219

    Re: Avoiding Duplicates in Random Passwords

    Quote Originally Posted by BD48 View Post
    ...but maybe converting the SHA hash to string could help!.
    Sure ... since any Hash-Function will return a sequence of bytes (as a ByteArray):
    - Crc32 = 4Bytes
    - MD5 = 16Bytes
    - SHA1 = 20Bytes
    - SHA256 = 32Bytes
    - SHA512 = 64Bytes

    ...one can then of course use e.g.
    StrConv(ByteArray(), vbUnicode, 1033)
    to convert those HashByte-Sequences to a String-representation directly (any 8Bit-Value of the ByteArray represented by a Single-Char-Mapping, according to the used CodePage,
    which differs from locale to locale though - but could be forced to a specific one, as done above with the magenta-colored "en-US" LCID 1033.

    But that introduces problems with "readability" (e.g. when the ByteArray contained Zeroes or Tabs, Linefeeds or other Chars after the CodePage-mapping).
    And not only is it readability which suffers - it could also affect "transportability" and your ability to use such a string in a serializing-scenario directly.

    That's why most hashes are given in their Hex-representation (with two Hex-Digits-Per-Byte, where even lowercase-uppercase-switchery is tolerated).

    The Base64-encoding I've recommended is a compromise, which is not using "a full ANSI-codepage with mappings in the full byte-range of [0 to 255]",
    but it maps to only "64 always readable Chars in the low ASCII-range" (at the cost of increasing the length of the mapped HashByte-String by 33%).

    Your "fully mapped 8Bit String-representation" could never be concatenated as a Parameter into a Browser-URL for example -
    whereas this is no problem with the Hex-representation (as well as the Base64-representation) of a HashBytes-sequence.

    Olaf
    Last edited by Schmidt; May 18th, 2019 at 05:38 AM.

  11. #11

    Thread Starter
    Member
    Join Date
    May 2019
    Posts
    50

    Re: Avoiding Duplicates in Random Passwords

    Olaf, You Helped me very well.
    Thank You

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width