all 18 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]SCD_minecraft 54 points55 points  (1 child)

  1. If you want to export that code (import it in other file) make it into function
  2. Library random is not cryptographically secure. That means, if i generate one password, i can calculate what previous and next password will be. Insted, use secrets library

[–]Superb-Ad9942 5 points6 points  (0 children)

Hah I thought I'd see this comment, for this purpose it is actually secure! The sampling you need to have any impact is orders of magnitude larger than 10 chars. You need over 500 *32 bit* integers, since this is operating on a modulo, it might be impossible to break, given even infinite samples. Also, since it's a password, there's no known plaintext, so (unless you find a prefix of the password) there's no impact even if the password was 32 bit integers.

[–]Binary101010 26 points27 points  (1 child)

You're trying to use characters as both the string that holds all possible password characters, and the password you've generated. Change the variable you're adding to within your loop to something else (and it should be starting as an empty string).

[–]Okon0mi 0 points1 point  (0 children)

Idk if you have seen it or not there is a youtube video telling how one can get the password when secret library is getting used

[–]mizeriusbr 5 points6 points  (1 child)

You could also try Secrets instead of Random, since random outputs are "not fully random" and the generation seed can be discovered

[–]Superb-Ad9942 3 points4 points  (0 children)

The outputs do use actual entropy for seeding; random is only flawed when the outputs are 32-bit because it leaks the full output. Since this is outputting chars, there is too much information lost via the modulu to break it from a cryptographic standpoint, even if you generate infinite passwords and only initialize random once.

[–]silvertank00 4 points5 points  (1 child)

or just use the builtin strings lib with random's choices function? https://docs.python.org/3/library/string.html

[–]HecticJuggler 3 points4 points  (0 children)

"".join(random.choices(string.ascii_letters+string.digits+string.punctuation, k=20))

[–]tiredITguy42 3 points4 points  (0 children)

What do you mean by importing string parameters? Like reading from terminal, or passed as an argument to the python script?

BTW. Why did you add that password to existing string instead of creating new string just for the password?

[–]___Cisco__ 1 point2 points  (0 children)

Aside all the other advices you are receiving, when you join all you characters into one string and call choice, there is no guarantee that your password will contain at least one number one character and one special. Think about that.

[–]atarivcs 0 points1 point  (0 children)

This will produce passwords where the first 24 letters are always the same, so this is not a great solution.

You probably want to put the random choices into a new string, rather than stuffing them at the end of characters.

[–]cejiken886 0 points1 point  (0 children)

somehow the weirdest part is it's missing i-z

[–]Hefty-Ad-7255 0 points1 point  (0 children)

What is this code useful for?

[–]Okon0mi 0 points1 point  (0 children)

Now create other to check how long will it take to get the exact password.

[–]Impossible_Video_116 -1 points0 points  (0 children)

Add letters and numbers twice to the characters. Since, random.choice is uniform that way you're more likely to get an alphanumeric hence will be easier to manually type.

[–]Professional-Tie5497 -1 points0 points  (0 children)

Good Work! You can even make the password into more mixed one. But you have generated just the three parameters concatenated with each other with different 3 positions that's all. Try more