Generating random password using PowerShell

Not so long time ago, I had to create a bunch of fake users for some testing purposes. Every user had to have a password set. I knew, that I could use one password for all users, but I wanted to try generating unique passwords for them. I knew we have Get-Random in PowerShell, but how to use it to generate a “random” password?

The first thing I do when I have a problem like that is to search the Internet – maybe somebody else did that already. After a bit of searching, I found a very interesting entry on Hey, Scripting Guy! blog by Sean Kearney. You can find it here. But script in article has one minus – it uses all ASCII characters in 42 – 122 range. I wanted to have more control on how the password looks, so I started to write my own function. Also please bear in mind, that password generated using methods describer here will not be truly random.

How to provide data for PowerShell cmdlet Get-Random

Get-Random is a PowerShell cmdlet that “Gets a random number, or selects objects randomly from a collection”. So we have to provide it a collection of characters, that we want to use in our password. We can generate our collection on the fly:

for ( $i = 97; $i -le 122; $i++ ) {
    $asciiTable += , [char]$i
}

I’m using $asciiTable as a collection holder. This loop iterates the ASCII characters from 97 – 122 range (small letters) and adds them to $asciiTable. You are probably wondering why there is a comma there – it adds the character in new line. Without it, we would have one line with all characters, and this is what Get-Random would choose.

How to get data back using Get-Random

Now we can pick a random character:

Get-Random -InputObject $asciiTable

Great, but that is only one character. We need more to have a password. Most of security standards say, that passwords length should be 8 characters minimum – let’s use that:

for ( $i = 1; $i -le 8; $i++) {
    $tempPassword += ( Get-Random -InputObject $asciiTable )
}

My random password is keiysajk 🙂

Adding more characters to the list

So we have generated a password using small letters. But what about the big letters? Or numbers? Or special characters? As we know, password containing only one type of characters is not safe.
We just have to add more characters to our collection. We can do it as shown before (this time for big letters):

for ( $i = 65; $i -le 90; $i++ ) {
    $asciiTable += , [char]$i
}

Or we can just add already prepared set of characters (in example for special characters):

$asciiTable += "*","$","-","+","?","_","&","=","!","%","{","}","/"

As a result of the steps above, we would get password containing small and big letters, and some special characters.
And now the full function:

function New-RandomPassword {
[CmdletBinding()]
#Switch type of parameter allows us to use just -ParameterName for boolean type of parameters
Param(
    [Parameter()]
    [int]$PasswordLength = 15,
    [Parameter()]
    [switch]$BigLetters,
    [Parameter()]
    [switch]$SmallLetters,
    [Parameter()]
    [switch]$Numbers,
    [Parameter()]
    [switch]$NormalSpecials,
    [Parameter()]
    [switch]$ExtendedSpecials
)
    $asciiTable = $null
    #We are checking if any parameter was provided for function. If not, let's use small leters
    if (!$BigLetters -and !$SmallLetters -and !$Numbers -and !$NormalSpecials -and !$ExtendedSpecials) {
        for ( $i = 97; $i -le 122; $i++ ) {
            $asciiTable += , [char][byte]$i
        }
    }
    if ($Numbers) {
        for ( $i = 48; $i -le 57; $i++ ) {
            $asciiTable += , [char]$i
        }
    }
    #Normal specials have better chance to work in passwords used in some exotic environments
    if ($NormalSpecials) {
        $asciiTable += "*","$","-","+","?","_","&","=","!","%","{","}","/"
    }
    if ($ExtendedSpecials) {
        $asciiTable += "@","#",".",",","^","(",")",":",";","'","`"","~","``","<",">"
    }
    if ($BigLetters) {
        for ( $i = 65; $i -le 90; $i++ ) {
            $asciiTable += , [char]$i
        }
    }
    if ($SmallLetters) {
        for ( $i = 97; $i -le 122; $i++ ) {
            $asciiTable += , [char]$i
        }
    }
    $tempPassword = $null
    for ( $i = 1; $i -le $PasswordLength; $i++) {
        $tempPassword += ( Get-Random -InputObject $asciiTable )
    }
    return $tempPassword
}

You can choose passwords length and characters which will be used to generate it.

Result of New-RandomPassword function in PowerShell console

That’s it for now, thank you for your time. See you soon 🙂

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.