Inspired by the Lifehacker article of “How to Write Down and Encrypt Your Passwords with an Old-School Tabula Recta” I have thrown together my own web-based Tabula Recta generator.
This is a just a quick proof of concept. I don’t shift the characters but generate a random character from a limited character set (abcdefghijklmnopqrstuvwxys0123456789!@#$%^&*()+_-{}|;<>?) using the mt_rand PHP function. I also only use lowercase alpha characters for this test.
Feel free to use and print out.
**UPDATE**
After I posted this and thought about it I for the life of me don’t know why I just didn’t post the code. So here it is. Very simplified, but a good starting point to build on possibly if someone is interested in taking it further.
<table style="border: 1px solid black;;font-family: verdana;font-size:16pt"
cellpadding="0" cellspading="0">
<tr>
<td style="border: 1px solid black"> </td><?php
function rand_char($chars = 'abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()+_-{}|;<>?ABCDEFGHIJKLMNOPQRSTUVWXYZ')
{
$string = '';
for ($i = 0; $i < 1; $i++)
{
$pos = rand(0, strlen($chars)-1);
$string .= $chars{$pos};
}
return $string;
}
$letterarray = array('a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't' ,'u', 'v', 'w', 'x', 'y','z');
$count = count($letterarray);
for ($i = 0; $i < $count; $i++) {
echo "<td style='border: 1px solid black;font-weight:900' width='30' align='center'>".$letterarray[$i]."</td>";
}
echo "</tr>";
for ($i = 0; $i < $count; $i++) {
echo "<tr><td style='border: 1px solid black;font-weight:900' align='center'>".$letterarray[$i]."</td>";
for($s=0; $s < $count; $s++)
{
echo "<td style='border: 1px solid black' align='center'>".rand_char()."</td>";
}
echo "</tr>";
}
?>
</tr>
</table>
Is the random number generator you used cryptographically secure?
No. Using the PHP function mt_rand from a limited set of ASCII characters. mt_rand is not cryptographically secure (see discussion of mt_rand on PHP.net).
This randomness would have to be generated using the CryptoAPI or OpenSSL.
However, for normal everyday password I find it pretty secure.
I notice you don’t have uppercase letters and the example show on the Lifehacker has both upper and lower case letters. Any plans to add that?
Threw this together as a quick and dirty test. Added uppercase for you though. However, still only using a limited ASCII character set (abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()+_-{}|;?ABCDEFGHIJKLMNOPQRSTUVWXYZ)
Thanks for the feedback! 🙂
Thanks!
Something I based on the same article. Very neat.
This one exports the data into a text file for import into a spreadsheet.
‘, ‘<');
$numChars = array_merge($chars, $numbers);
$all = array_merge($numChars, $symbols);
for ($i = 0; $i <= 5; $i++) {
shuffle($all);
}
$rand = array_rand($all, 26);
for ($y = 0; $y <= 25; $y++) {
for ($x = 0; $x