Auto generation of passwords

[Sadler]

Hello,
I need to auto-generate passwords on a registration form (built using Fabrik) so users do not have to enter a password.
Looking at the password element there is no obvious way (at least to me) of handling this with the element as is so my workaround is to use a standard field element and hide it from the user but populate it using some js with an autogenerated string.
Anyone else had this request ?
If so any pointers on how to solve it?

Burnsy

 

[cheesegrits]

No, we don't provide a "random" option for the password element, which is strictly for allowing users to input passwords. Although that might not be a bad idea to add as an option.

No, don't do it in JS. Do it as an eval'ed default on a hidden field element, like ...

return bin2hex(openssl_random_pseudo_bytes(6));

... which would generate a random string of lower case letters and numbers, 12 bytes long (twice the length of the number your provide as the arg to openssl_random_pseudo_bytes()). Or there are dozens of other one liners in PHP to generate random strings, some more "random" than others, depends how strong you want your passwords to be. Google around if you need stronger passwords.

And set the ACL on the element so the user does not have "new" or "edit" privs. I usually create a J! access level called "Nobody", which contains no groups, for setting ACLs like this, where I really just mean "nobody can ever edit or set this except Fabrik". By setting the ACL as well as hiding the field, we will encrypt the value and append it in the hidden fields of the form.

-- hugh

 

[Sadler]

Thanks Hugh!