Generate pseudo-random passwords with OpenSSL

OpenSSL comes in handy when you need to generate random passwords, for example for system accounts and services. In this short post I’ll give you a quick example on how to generate random passwords with OpenSSL in Linux (Bash), Windows and PHP…

Pseudo-random passwords and strings with OpenSSL

The OpenSSL rand command can be used to create random passwords for system accounts, services or online accounts. The rand command outputs num pseudo-random bytes after seeding the random number generator once.

Generate pseudo-random passwords with OpenSSL Click To Tweet

You only have to decide the byte-length of your password or string, and OpenSSL does all the calculations.

For example an 8 byte pseudo-random string, hex encoded output:

$ openssl rand -hex 8
28dbc04b1a90fbf4

Or an 8 byte random string, base64 encoded output:

$ openssl rand -base64 8
7UON8PQIYHg=

OpenSSL on Windows

Generate random passwords in Windows using OpenSSL

If you have installed OpenSSL on Windows, you can use the same openssl command on Windows to generate a pseudo-random password or string:

c:\Users\Jan>C:\OpenSSL-Win64\bin\openssl.exe rand -hex 8
33247ca41c60ac53

PHP OpenSSL – create a pseudo-random password with PHP and OpenSSL

In PHP you can use openssl_random_pseudo_bytes(), with bin2hex() for readability:

<?php
  var_dump( bin2hex( openssl_random_pseudo_bytes( 8, $cstrong ) ) );
?>

Yes, hexadecimal strings are all lower-case… All you need now is a way to remember these generated strings and passwords… ;-)

Bonus: Use PowerShell to create a random password:

 1..14 | ForEach { $my_passwd = $my_passwd + [char](New-Object System.Random( (get-date).Millisecond + $_ )).next(65,127) }