OpenSSL comes in handy when you need to generate random passwords, for example for system accounts and services. In this short post I'll give you a quick example on how to generate random passwords with OpenSSL in Linux (Bash), Windows and PHP.
In this post you'll learn how to use OpenSSL to create pseudorandom strings. Random strings you can use as secure passwords. Yes, hexadecimal and base64 strings are all lower-case. All you need now is a way to remember these generated strings and passwords... Use a password manager like Bitwarden, Devolutions Hub, Vault by Hashicorp or 1Password.
Pseudorandom strings with OpenSSL
The OpenSSL rand command can be used to create random passwords for system accounts, services or online accounts. The rand command outputs num pseudorandom bytes after seeding the random number generator once. The -hex argument tells openssl to show the output as a hex string. You can also use -base64.
You only have to decide the byte-length of your password or string, whether you want hexadecimal or base64, and OpenSSL does all the calculations.
For example an 8 byte pseudorandom string, hex encoded output:
$ openssl rand -hex 8
28dbc04b1a90fbf4Or an 8 byte random string, base64 encoded output:
$ openssl rand -base64 8
7UON8PQIYHg=Using OpenSSL to generate random passwords in Windows
If you have installed OpenSSL on Windows, you can use the same openssl.exe command on Windows to generate a pseudo-random password or string:
PS C:\Users\Jan Reilink> &"C:\Program Files\OpenSSL-Win64\bin\openssl.exe" rand -hex 8
fa2af455f4425c9b
PS C:\Users\Jan Reilink> &"C:\Program Files\OpenSSL-Win64\bin\openssl.exe" rand -base64 8
tYHpFYAZ4C0=These makes ideal passwords, easily generated with openssl.exe in Windows 11 or Windows 10 :) .
PHP - create a pseudorandom password with PHP openssl_random_pseudo_bytes()
In PHP you can use openssl_random_pseudo_bytes(), with bin2hex() for readability:
<?php
var_dump(
bin2hex(
openssl_random_pseudo_bytes( 8, $cstrong )
)
);
?>
Conclusion creating random password strings with OpenSSL
In this post you learned various ways of creating a secure(ish) password string with OpenSSL. On Linux and Windows, and even PHP. But, what is pseudorandom?
A pseudorandom sequence of numbers is one that appears to be statistically random, despite having been produced by a completely deterministic and repeatable process.
Wikipedia - Pseudorandomness
You can use such a string as a password, but keep in mind it's viable to crack 16 character strong passwords in less than an hour.
Thank you very much! <3 ❤️
Hi, my name is Jan. I am not a hacker, coder, developer or guru. I am merely an application manager / systems administrator, doing my daily thing at Embrace – The Human Cloud. In the past I worked at CLDIN (CLouDINfra) and Vevida. With over 20 years of experience, my specialties include Windows Server, IIS, Linux (CentOS, Debian), security, PHP, websites & optimization. I blog at https://www.saotn.org.
Pingback: Create strong passwords in Windows
Pingback: Bash function to generate a random alphanumeric string
Pingback: Windows 11/10 and WSL 2 DevOps environment