-
Improvement
-
Resolution: Fixed
-
Minor
-
3.0.7-PL1
-
None
-
None
4bb3266cc62003d5bd6fafda03a5582ea06250e9 changed gen_rand_string() to also map O to Y to not confuse O and 0 in generated passwords. This reduces entropy slightly in all other places where gen_rand_string() is used.
function gen_rand_string($num_chars = 8)
|
{
|
$rand_str = unique_id();
|
$rand_str = str_replace(array('0', 'O'), array('Z', 'Y'), strtoupper(base_convert($rand_str, 16, 34)));
|
|
|
return substr($rand_str, 0, $num_chars);
|
}
|
Another function gen_rand_passwd() should be added to increase entropy of all gen_rand_string() output.
- depends on
-
-
- Unverified Fix
-
- is related to
-
PHPBB-5164 Honor minimum and maximum password length in generated passwords as much as possible.
-
- Closed
-
-
-
- Closed
-