0

Function to create random password Genpass(p integer, p uppercase p lowercase p special characters) return password varchar2; select Genpassword(2,2,1,2) It contain 2 numbers,2 uppercase characters ,special character like # and 2 numbers;

Improve this question
4
  • What is your question? Commented Nov 17, 2021 at 14:25
  • My question is about random password generate function which creates passwords contain numbers ,letters and special characters in plsql Commented Nov 17, 2021 at 14:26
  • Your question is not clear. Do you need a function? Do you have a function that is not working? What is your effort so far and where do you stuck? Commented Nov 18, 2021 at 7:01
  • create or replace FUNCTION GENPWD( PNOIT IN NUMBER, PSC IN NUMBER, PL IN NUMBER, PU IN NUMBER) return varchar2 is pwd varchar2(11); begin select into pwd:= dbms_random.string('U',pu), pwd:=dbms_random.string('l',pl), pwd:= dbms_random.string('x',psc), pwd:= dbms_random.string('a',pnoit) from dual; return pwd; end; Commented Nov 18, 2021 at 8:21

1 Answer 1

Reset to default
2

The Oracle DBMS_RANDOM.STRING functionality does not allow you to state you want special characters expressly. Also, when you use DBMS_RANDOM.STRING for each type of character, you end up with a series that always has the same structure (which might even be a security issue again).

But if you do not want to have the same structure all the time, you would have to write something that would (in yet another random way) distribute the characters of your structured password.

Another option is to use an example I adopted from an AskTom entry; you leverage the existing functionality and try until you have a result:

create or replace FUNCTION GENPWD( 
  p_numbers      IN NUMBER, 
  p_specialchar  IN NUMBER, 
  p_lowercase    IN NUMBER, 
  p_uppercase    IN NUMBER) return varchar2 
IS
  v_length         number := p_numbers + p_specialchar + p_lowercase + p_uppercase;
  v_password       varchar2(200);
  v_iterations     number := 0;
  v_max_iterations number := 500;
BEGIN
    loop
        v_password := dbms_random.string('p',v_length);
        v_iterations := v_iterations + 1;

           exit when (regexp_count(v_password,'[a-z]') = p_lowercase
                 and  regexp_count(v_password,'[A-Z]') = p_uppercase
                 and  regexp_count(v_password,'[0-9]') = p_numbers) 
                 or v_iterations=v_max_iterations;

    end loop;

    if v_iterations = v_max_iterations THEN
      v_password := '';
    end if;

    return(v_password);
END;
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

can you convert this code in MYSQL
No sorry, I do not speak MySQL. I am only a SQL/PLSQL person
Are you sure DBMS_RANDOM is suitable for password generation? Note that Oracle writes: "DBMS_RANDOM is not intended for cryptography." There appears to be a DBMS_CRYPTO interface with RANDOM*-Functions.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.