str_shuffle isn't recommendable for passwords. Each character exists only one time).
A function like the following one is better for this.
<?php
function generatePassword($length = 8) {
$possibleChars = "abcdefghijklmnopqrstuvwxyz";
$password = '';
for($i = 0; $i < $length; $i++) {
$rand = rand(0, strlen($possibleChars) - 1);
$password .= substr($possibleChars, $rand, 1);
}
return $password;
}
?>