Chapter 1

INTRODUCTION

1.1 What is Random Password Generator?

With growing technology, everything has relied on data and securing these data is the main
concern. Passwords are meant to keep the data safe that we upload on the Internet. An easy
password can be hacked easily and all the personal information can be misused. In order to
prevent such things and keep the data safe, it is quite necessary to keep our passwords very
strong.

A password generator is a software application device that creates arbitrary or tailored

passwords for individuals. It assists individuals to produce more powerful passwords that offer
greater protection for a provided sort of access. Some password generators are merely random
password generators. These programs produce complex/strong passwords with mixes of
numbers, uppercase and also lowercase letters, and also unique personalities such as dental
braces, asterisks, slashes, and so on. It is a tool that generates passwords based on the given
guidelines that you set to create an unpredictable strong password for your accounts.

The Password generator tool creates a random and customized password for users that helps
them to create a strong password which provides greater security. While there are many
examples of "random" password generator programs available on the Internet, generating
randomness can be tricky and many programs do not generate random characters in a way that
ensures strong security. A common recommendation is to use open source security tools where
possible since they allow independent checks on the quality of the methods used. Note that
simply generating a password at random does not ensure the password is a strong password,
because it is possible, although highly unlikely, to generate an easily guessed or cracked
password. In fact, there is no need at all for a password to have been produced by a perfectly
random process: it just needs to be sufficiently difficult to guess.

Random passwords can be generated manually, using simple sources of randomness such
as dice or coins, or they can be generated using a computer.

1
While there are many examples of "random" password generator programs available on the
Internet, generating randomness can be tricky and many programs do not generate random
characters in a way that ensures strong security. A common recommendation is to use open
source security tools where possible since they allow independent checks on the quality of the
methods used. Note that simply generating a password at random does not ensure the password
is a strong password, because it is possible, although highly unlikely, to generate an easily
guessed or cracked password. In fact, there is no need at all for a password to have been
produced by a perfectly random process: it just needs to be sufficiently difficult to guess.

A password generator can be part of a password manager. When a password policy enforces
complex rules, it can be easier to use a password generator based on that set of rules than
to manually create passwords. Long strings of random characters are difficult for most people
to memorize. Mnemonic hashes, which reversibly convert random strings improve into more
memorable passwords, can substantially the ease of memorization. As the hash can be
processed by a computer to recover the original 60-bit string, it has at least as much information
content as the original string.

2
 Chapter 2

LITERATURE REVIEW

2.1 Review of password

A password generator is functionality implemented on an end-user platform to support

password-based user authentication to a remote server (assumed to be a web site, although most
of the discussion applies more generally).

• The Site-Specific Passwords (SSP) scheme proposed by Karp in

2002/03 is one of the earliest proposed schemes of this general type.
SSP generates a site-specific password by combining a long-term user
master password and an easy-to-remember name for the web site, as
chosen by the user.

• PwdHash, due to Ross et al. generates a site-specific password by combining a long-

term user master password, data associated with the web site, and (optionally) a second
global password stored on the platform.

• The 2005 Password Multiplier scheme of Halder man, Waters and Fel-ten, computes a
site-specific password as a function of a long-term user master password, the web site
name, and the user name for the user at the web site concerned.

• Wolf and Schneider’s 2006 Password Sitter [22] scheme generates a site-specific
password as a function of a long-term user master password, the user identity, the
application/service name, and some configurable parameters.

• Passpet, due to Yee and Sitaker and also published in 2006, takes a very similar
approach to SSP, i.e. the site-specific password is a function of a long-term user master
password and a user-chosen name for the web site known as a pet name.

3
• Each pet name has an associated icon, which is automatically displayed to the user and
is intended to reduce the risk of phishing attacks.

• ObPwd, due to Mannan et al. , first surfaced in 2008. It takes a somewhat different
approach by generating a site-specific password as a function of a user-selected (site-
specific) object (e.g. a file), together with a number of optional parameters, including
along-term user password (referred to as a salt), and the web site URL.

• Finally, PALPAS was published in 2015. PALPAS generates pass-words complying

with site-specific requirements using server-provided password policy data, a stored
secret master password (the seed ), and a site- and user-specific secret value (the salt)
that is synchronised across all the user devices using the server

4
2.2 FUTURE OF PASSWORDS

Passwords are currently integral to security measures. That has been true for many years now.
However, passwords cause many problems. They are hard to remember, and we are required
to know too many of them—sometimes even hundreds. In addition, they can be stolen and
leaked on the dark web. Those two sentences combined cause even more trouble.

When you need to know many hard-to-remember passwords—after all, the simple ones are
easy to crack via brute force attacks you might be inclined to take shortcuts. That might
be password reuse or relying on risk storage methods to keep track of all your credentials.

Indeed, passwords have become the single biggest threat to online security. The increasing
complexity of passwords leads to people reusing them, hackers are becoming more adept at
stealing them, and the data found online makes it increasingly profitable to commit
cybercrimes. This is a recipe for disaster, and something needs to be done for there to be a
secure future of passwords.

If all of this weren’t worrisome enough, companies are using more and more cloud and online
services, which require their employees to share login credentials across a greater ecosystem
of software, all of which is vulnerable to attacks.

Despite all this, usernames are now often just your email address, meaning hackers only need
to find your password since the username is intrinsically linked to you. So what is the future of
passwords? Well, different experts have different opinions, and it is hard to say who will be
proven right. Our guess is that it will be a combination of some or all of the solutions described
in this article, as well as some truly unexpected technological breakthroughs.

In our quest to become more secure, passwords become less and less easy to remember.
Let team password take care of securely remembering your passwords while you focus on
growing a successful business!

5
2.3 CHALLENGES TO RANDOM PASSWORD GENERATOR

Your users should be able to:

• Generate a password based on the selected inclusion options

• Copy the generated password to the computer's clipboard
• See a strength rating for their generated password
• View the optimal layout for the interface depending on their device's screen size
• See hover and focus states for all interactive elements on the page

If my passwords aren’t truly random, are they safe?

Generally, yes! In Andrea Rock’s study on Pseudorandom Number Generators for

Cryptographic Applications, she notes that many random generators, “use cryptographic
primitives like hash functions (e.g. SHA-1 or MD5) or block ciphers (DES, Triple-DES, AES)”
to prevent cryptanalytic attacks, input based attacks, and state compromise extension attacks.

2.4 HOW TO SECURE PASSWORD GENERATOR

Concerned about your online privacy? Use the TextMagic Secure Password Generator to
instantly generate personalized and strong passwords for your online accounts. Here’s how you
can use our random password generator:

Do you want to make a URL shorter? Well, don’t worry because we’ve got you covered! Here’s
how you can use our link shortener:

Step #1: In order to generate your random password you must first select your criteria for
generation. You must first choose the length of your password (between 5 and 16 characters).
Next you can choose to include symbols, numbers, lowercase characters, or uppercase
characters.

6
Step #2: The complex password generator will show you the security level of your password
as you add or remove options. To ensure the privacy of your online accounts it is recommended
that you create a very strong password. This can be done by increasing the length of the
passphrase or by including special symbols and numbers.

Step #3: Click on the ‘Generate password’ button to create your random password. You can
edit options or click on the button again to generate a new password. Click on the ‘copy
password’ button to save it to your clipboard. We also recommend creating a master list with
all your passwords in a plain text file and encrypting it with GPG, disk encryption or 7-Zip.

2.5 WHY YOU SHOULD GENERATE RANDOM PASSWORD

GENERATOR

A strong password is essential for protecting your personal and professional assets online.
Security experts recommend users generate secure passwords for every website and account.
Sadly, most online users choose bad passwords (e.g. their name, birthday, child’s name, or a
predictable sequence of numbers) for all their accounts. These types of passwords are extremely
easy to crack and once an account is compromised, there’s nothing the user can do about it. On
the other hand, manually generating strong passwords can be a tedious task. This is exactly
why you should use a random password generator online!

Why we created this tool

We created the online password generator because we care about your online privacy. We also
know how painful it is to lose precious information or, worse, your assets, to hackers. To ensure
that this never happens to you, we built this simple, yet extremely powerful, passphrase
generator.

Benefits of using the secure password generator

The benefits of using a random password generator are obvious:

7
A strong password generated online can help you protect the security of your personal and
professional email accounts, social network accounts, WiFi encryption, banking and financial
and savings accounts.

A passphrase generator will save you the trouble of having to think about a strong password
yourself.

How does password generation work?

Strong password generation is done client-side. You select your criteria for generating the
password, and the generation process happens on your computer, with JavaScript. This means
that your passwords are never shared with us or other users.

What makes a password strong?

A strong password should be at least 15 characters long and contain the following elements:

Special symbols like:: ! " $ ? $ ? % ^ & * ( ) _ - + = { [ } ] # @

A mix between lowercase and uppercase letters (e.g. XiDmDKxlArosD)

Random numbers (e.g. isX223Xdkd193xKss1)

Words that aren’t in the dictionary: (quckeldovas19d##92s)

What makes a password weak?

Weak passwords generally represent a mix between the following elements:

Your login details, username, name, or birthday.

The name of a friend, family member, child or any common name.

A word from the dictionary.

A variation of one of your former passwords.

A simple keyword pattern like qwerty, 123456 or zxcvbnm.

8
How can I keep my account secure?

‘Free Internet’ is a concept that we usually take for granted. The Internet is teeming with
dangerous things like cyber-crime, hackers, Trojans, phishing, scams, online threats and
viruses. Here are a few suggestions that will help you improve the security of your accounts
and systems:

1. Use a random password generator to create impossible to crack passwords.

2. Use password managers such as LastPass or KeePass for multiple accounts.

3. Don’t let your browsers store passwords because they can be revealed easily.

4. Don’t use free wireless networks to access sensitive accounts.

5. Constantly update your operating system and anti-virus software.

6. Backup or encrypt passwords to different locations.

7. Never turn OFF your User Account Control (UAC).

8. Turn on two-step authentication.

9. Browse the internet through a secure browser.

10. Bookmark websites such as PayPal or bank account portals to avoid scams.

11. Don’t simply close your browser when you finish an operation. Also log out of your online
accounts.

12. NEVER store critical passwords in the cloud.

How often should I change my passwords?

Security experts recommend changing a password once every 10 weeks.

Do you store passwords generated with this tool?

No. We never store passwords generated by our customers. In any case, they are generated
directly on your computer using JavaScript, not on the internet.

9
 Chapter 3

PROPOSED SYSTEM

Python is an interpreted high-level general-purpose programming language. Its design

philosophy emphasizes code readability with its use of significant indentation. Its language
constructs as well as its object-oriented approach aim to help programmers write clear, logical
code for small and large-scale projects. Python is dynamically-typed and garbage-collected. It
supports multiple programming paradigms, including structured (particularly, procedural),
object-oriented and functional programming.

It is often described as a "batteries included" language due to its comprehensive standard

library. Guido van Rossum began working on Python in the late 1980s, as a successor to the
ABC programming language, and first released it in 1991 as Python 0.9.0. Python 2.0 was
released in 2000 and introduced new features, such as list comprehensions and a cycle-
detecting garbage collection system (in addition to reference counting). Python 3.0 was
released in 2008 and was a major revision of the language that is not completely backward-
compatible. Python 2 was discontinued with version 2.7.18 in 2020

To build this project we will use the basic concept of python and libraries –

Tkinter, random, string.

• Tkinter is a standard GUI library and is one of the easiest ways to build a GUI
application.
• pyperclip module allows us to copy and paste text to and from the clipboard to your
computer.
• The random module can generate random numbers
• string module contains a number of functions to process the standard python string.

To install the libraries we can use pip installer from the command line

pip install tkinter

pip install pyperclip

10
pip install random

pip install strings

PSEUDO CODE

uppercaseLetter1 = Generate random uppercase letter between A to Z

uppercaseLetter2= Generate random uppercase letter between A to Z

lowercaseLetter1=Generate random lowercase between a to z

lowercaseLetter2=Generate random lowercase between a to z

digit1=Generate random digit between 0 to 9

digit2=Generate random digit between 0 to 9

punctuationSign1=Generate random punctuation sign

punctuationSign2=Generate random punctuation sign

password=uppercaseLetter1+uppercaseLetter2+lowercaseLetter1+lowercaseLetter2+digit1+d
igit2+punctuationsign1+punctuationsign2

shuffle (password)

11
3.1 TYPES AND STRENGTH OF PASSWORD GENERATED

Symbol Set Symbol Count N Entropy per symbol H

Arabic numerals (0–9) (e.g. 10 3.32 bits
PIN)
Hexadecimal numerals (0–9, 16 4.00 bits
A–F) (e.g. WEP key)
Case insensitive Latin 26 4.70 bits
alphabet (a–z or A–Z)
Case insensitive 36 5.17 bits
alphanumeric(a–z or A–Z,0-
9)
Case sensitive Latin 52 5.70 bits
alphabet (a–z, A–Z)
Case sensitive 62 5.95 bits
alphanumeric(a–z or A–Z,0-
9)
All ASCII printable 94 6.55 bits
characters
Diceware word list 7776 12.9 bits

Table 3.1.1-Entropy per symbol for different symbol sets

12
Desired Arabic Hexadec Case Case Case Case ASCII All Dicew
passwor numer imal insensitive insensitive sensit sensit printab extended are
d als Latin alphanum ive ive le ASCII Word
entropy alphabet eric Latin alpha charact Printable list
H alpha nume ers character
bet ric s
32 bits 10 8 7 7 6 6 5 5 3

40 bits 13 10 9 8 8 7 7 6 4

64 bits 20 16 14 13 12 11 10 9 5

80 bits 25 20 18 16 15 14 13 11 7

96 bits 29 24 21 19 17 17 15 13 8

128 bits 39 32 28 25 23 22 20 17 10

160 bits 49 40 35 31 29 27 25 21 13

192 bits 58 48 41 38 34 33 30 25 15

224 bits 68 56 48 44 40 38 35 29 18

256 bits 78 64 55 50 45 43 39 33 20

384 bits 116 96 82 75 68 65 59 50 30

512 bits 155 128 109 100 90 86 78 66 40

1024 bits 309 256 218 199 180 172 156 132 80

Table 3.1.2-Lengths L of truly randomly generated passwords required to achieve

desired a password entropy H for symbol sets containing N symbols.

13
 1 2 3 4 5 6

1 a b c d e f

2 g h i j k l

3 m n o p q r

4 s t u v w x

5 y z 0 1 2 3

6 4 5 6 7 8 9

Fig 3.1.3: Mechanical Method

14
3.2 Reasons Why You Should Code a Password Generator in Python

Random-Password-Generator

1. Automate the Password Generation Process

On a typical day in your life, you’ll visit numerous websites – from e-commerce websites to
learning and coding platforms. Most of the websites require you to log in with credentials. This
is a repetitive task that you can automate using a Python script.

2. Generate Secure Passwords

Coming up with strong passwords that meet security constraints can be challenging; trivial
passwords that are not strong are susceptible to security attacks.

You can use Python to programmatically generate secure passwords. This lets you run the script
to generate passwords as needed—without worrying about the password being secure.

3. Add a Practical Project to Your Portfolio

If you’re a beginner Python programmer, you should build projects to hone your skills and
showcase your programming expertise through a portfolio.

In addition to a simple Python script, you can customize it further, and publish it as a PyPI
package. You can also add a graphical user interface using libraries such as Tkinter,
and much more!

15
3.3 How to Code a Password Generator in Python

Step 1: Import necessary modules

As a first step, let’s import the secrets module. This module is built into the Python standard
library, so you can import it

Step 2: Define the alphabet

The next step is to define the alphabet. Alphabet denotes the set of all characters that we’ll
consider for password generation. Here, we want it to contain the following: lowercase and
uppercase letters and special characters.

Step 3: Fix the length of the password; Generate a password

Let’s store the length of the password in the variables

Step 4: Customize Your Passwords Based on Constraints

You can customize the password generation by checking if it meets certain constraints.

3.4 How Do Random Password Generators Work?

A random password generator is a software program, hardware device, or online tool that
automatically generates a password using parameters that a user sets, including mixed-case
letters, numbers, symbols, pronounceability, length, and strength.

There are three kinds of random number generators that help make your new passwords:

Pseudorandom number generators

True random number generators.

16
3.5 Use of random password generator

To prevent sophisticated hackers from getting into your accounts, you need to use a random
password generator to keep your accounts safe. The password generator will create dozens of
random passwords consisting of numbers, letters, and symbols that even the most skilled
hackers cannot guess. Safe password generators make use of cryptographic entropy or
randomness. Avoid using the most common security questions and answers to make a password
strong. It would be best to never use the same password for various important accounts.
Random password generators use passwords that contain at least 16 characters, one uppercase
letter, one number, one special symbol, and one lowercase letter. When creating passwords,
people often use phone numbers, social security numbers, postcodes, ID card numbers, house
numbers, and birthdays -- all of which are easy to guess.

If using a free password generator, do not grant permissions to any web browser to save your
passwords, because they often are breached quickly.

Avast random password generator makes securing your account a breeze. You can generate
random strong passwords instantly on this page. That’s how it works:

• It lets you choose password length and present a checklist of characters options to create
unbreakable random passwords. You can set Avast's predefined or selected metrics to
generate a random password and copy it to your clipboard to improve the security of
any online account.
• Its diverse pool of lowercase characters, upper case characters, numbers and special
characters allows Avast's auto password generator to create unpredictable random
passwords.
• Whether you are creating a password for games, social media accounts, personal emails,
or bank accounts, Avast's user-friendly design and ability to create random passwords
in no time combine to make the best random password generator available.
• Each random password generated occurs due to robust cryptographic algorithms that
render locally in your browser -- using your computer's own processor -- and without
transmitting anything over the internet.

17
Fig 3.5.1: Automated password generator

18
3.6 Implementation

Let’s check the step to build a Password Generator using Python

Import modules

Initialized Window

Select Password Length

Define FunctionsSteps

Steps to create random password generator

1. Import Libraries

The first step is to import libraries

from tkinter import *

import random, string

import pyperclip

2. Initialize Window

root = Tk()

root.geometry("400x400")

root.resizable(0,0)

root.title("DataFlair - PASSWORD GENERATOR")

Tk() initialized tkinter which means window created

geometry() set the width and height of the window

resizable(0,0) set the fixed size of the window

title() set the title of the window

Label(root, text = 'PASSWORD GENERATOR' , font ='arial 15 bold').pack() Label(root,

text ='DataFlair', font ='arial 15 bold').pack(side = BOTTOM)

19
Label() widget use to display one or more than one line of text that users can’t able to
modify.

root is the name which we refer to our window

text which we display on the labe

font in which the text is written

pack organized widget in block

3. Select Password Length

pass_label = Label(root, text = 'PASSWORD LENGTH', font = 'arial 10 bold').pack()

pass_len = IntVar()

length = Spinbox(root, from_ = 8, to_ = 32 , textvariable =pass_len , width = 15).pack()

pass_len is an integer type variable that stores the length of a password.

To select the password length we use Spinbox() widget.

Spinbox() widget is used to select from a fixed number of values. Here the value from 8 to
32

4. Function to Copy Password

def Copy_password():

pyperclip.copy(pass_str.get())

Button(root, text = 'COPY TO CLIPBOARD', command =

Copy_password).pack(pady=5)pyperclip.copy() used to copy the text to clipboard

20
3.7 Data flow diagram(DFD):-

A data flow diagram (DFD) maps out the flow of information for any process or system. It uses
defined symbols like rectangles, circles and arrows, plus short text labels, to show data inputs,
outputs, storage points and the routes between each destination. Data flowcharts can range from
simple, even hand-drawn process overviews, to in-depth, multi-level DFDs that dig
progressively deeper into how the data is handled. They can be used to analyze an existing
system or model a new one. Like all the best diagrams and charts, a DFD can often visually
“say” things that would be hard to explain in words, and they work for both technical and
nontechnical audiences, from developer to CEO. That’s why DFDs remain so popular after all
these years. While they work well for data flow software and systems, they are less applicable
nowadays to visualizing interactive, real-time or database-oriented software or systems.

Random password generator, which will be highly flexible in terms of length of the password
and the used characters set. The algorithm will be implemented in Scilab and also as an in-page
application.Passwords are critical for cyber security. A good password must have at least 8
random characters in length and should contain lower case letters, upper case letters, numbers
and at least one special character.

For a greater understanding on how the random password generator works, let’s start from its
logical diagram.

21
Fig 3.7.1: DFD Diagram

22
3.8 Use case diagram(UCD):- In the Unified Modeling Language (UML), a use case
diagram can summarize the details of your system's users (also known as actors) and their
interactions with the system. To build one, you'll use a set of specialized symbols and
connectors. An effective use case diagram can help your team discuss and represent:

• Scenarios in which your system or application interacts with people, organizations, or

external systems

• Goals that your system or application helps those entities (known as actors) achieve

• The scope of your system

Fig 3.8.1: UML Diagram

23
 CONCLUSION

Here we are completed with our project using Python. With these steps, we have successfully
created a random password generator project using python. We used popular tkinter library to
rendering graphics in our display window and we also learned about pyperclip and random
library.

To generate cryptographically secure passwords, you should use the secrets module and not
the random module.A strong password should be sufficiently long and should be random in
that it cannot be easily predicted or generated. It should be a combination of uppercase and
lowercase letters, digits, and special characters.

Python ships with a built-in string module that provides all letters, digits, and special characters
in the constants ascii_letters, digits, and punctuation, respectively. Use the syntax:
string.constant to access these string constants. We can use the above constants to define an
alphabet (a set of all characters) for password generation.

Once you’ve defined an alphabet, you can use secrets.choice() to sample a random character
from it. To repeat this for the length of the password, you can use a for loop. We learned how
to create buttons, input textfield, labels, and spinbox. In this way, we successfully created our
password generator python project.

24
 REFERENCES

1. "Linux / UNIX: Generating Random Password With mkpasswd / makepasswd /

pwgen". cyberciti.biz. November 2007.

2. "Visual Studio 2005 Retired documentation". Microsoft Download Center.

Websites:

https://www.python.org/

https://www.geeksforgeeks.org/

https://www.wikipedia.org/

https://github.com/

IEEE papers:

https://ieeexplore.ieee.org/

25
26