Home > PowerShell > Function: New-Password – Creating Passwords with PowerShell

Function: New-Password – Creating Passwords with PowerShell

Description

When creating new accounts, an admin needs to assign a password. We often then check the box to force a user to change their password when they logon for the first time. Some organizations will use a ‘default’ password for all new accounts. That’s fraught with security implications, and I’ve never recommended it. The downside is that you, as an admin, need to think up a password for each new account. I know how it is – you look around at things on your desk, items on the wall, looking for ideas. Then you have to make sure your super password meets your organizations password requirements, including length and complexity. Well, no more!

Enter New-Password. This function takes one simple input – length. It then spits out a password of said length, using upper and lower case letters, numbers, and punctuation, as well as a phonetic version. If you choose not to use some of the punctuation characters, feel free to just put a ‘#’ in front of that particular line.

function New-Password	{
<#
.SYNOPSIS
  Displays a complex password.

.DESCRIPTION
  Displays a complex password. Output includes password, and phonetic breakdown of the password.

.NOTES
  Version                 : 1.3
  Wish List               :
  Rights Required         : No special rights required
                          : If script is not signed, ExecutionPolicy of RemoteSigned (recommended) or Unrestricted (not recommended)
                          : If script is signed, ExecutionPolicy of AllSigned (recommended), RemoteSigned, 
                            or Unrestricted (not recommended)
  Sched Task Required     : No
  Lync/Skype4B Version    : N/A
  Author/Copyright        : © Pat Richard, Skype for Business MVP - All Rights Reserved
  Email/Blog/Twitter      : pat@innervation.com   https://www.ucunleashed.com @patrichard
  Dedicated Post          : https://www.ucunleashed.com/915
  Disclaimer              : You running this script means you won't blame me if this breaks your stuff. This script is
                            provided AS IS without warranty of any kind. I disclaim all implied warranties including, 
                            without limitation, any implied warranties of merchantability or of fitness for a particular
                            purpose. The entire risk arising out of the use or performance of the sample scripts and 
                            documentation remains with you. In no event shall I be liable for any damages whatsoever 
                            (including, without limitation, damages for loss of business profits, business interruption,
                            loss of business information, or other pecuniary loss) arising out of the use of or inability
                            to use the script or documentation. 
  Acknowledgements        : 
  Assumptions             : ExecutionPolicy of AllSigned (recommended), RemoteSigned or Unrestricted (not recommended)
  Limitations             : 
  Known issues            : None yet, but I'm sure you'll find some!                        

.LINK
  
Function: New-Password – Creating Passwords with PowerShell
.EXAMPLE New-Password -Length <integer> Description ----------- Creates a password of the defined length .EXAMPLE New-Password -Length <integer> -ExcludeSymbols Description ----------- Creates a password of the defined length, but does not utilize the following characters: !$%^-_:;{}<># &@]~ .INPUTS This function does support pipeline input. #> #Requires -Version 3.0 [CmdletBinding(SupportsShouldProcess = $true)] param( #Defines the length of the desired password [Parameter(ValueFromPipeline = $True, ValueFromPipelineByPropertyName = $True)] [ValidateNotNullOrEmpty()] [ValidatePattern("[0-9]")] [int] $Length = 12, #When specified, only uses alphanumeric characters for the password [Parameter(ValueFromPipeline = $False, ValueFromPipelineByPropertyName = $True)] [switch] $ExcludeSymbols ) PROCESS { $pw = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" if (!$ExcludeSymbols) { $pw += "!$%^-_:;{}<># &@]~" } $password = -join ([Char[]]$pw | Get-Random -count $length) Write-Output "`nPassword: $password`n" ForEach ($character in [char[]]"$password"){ [string]$ThisLetter = $character switch ($ThisLetter) { a {$ThisWord = "alpha"} b {$ThisWord = "bravo"} c {$ThisWord = "charlie"} d {$ThisWord = "delta"} e {$ThisWord = "echo"} f {$ThisWord = "foxtrot"} g {$ThisWord = "golf"} h {$ThisWord = "hotel"} i {$ThisWord = "india"} j {$ThisWord = "juliett"} k {$ThisWord = "kilo"} l {$ThisWord = "lima"} m {$ThisWord = "mike"} n {$ThisWord = "november"} o {$ThisWord = "oscar"} p {$ThisWord = "papa"} q {$ThisWord = "quebec"} r {$ThisWord = "romeo"} s {$ThisWord = "sierra"} t {$ThisWord = "tango"} u {$ThisWord = "uniform"} v {$ThisWord = "victor"} w {$ThisWord = "whiskey"} x {$ThisWord = "xray"} y {$ThisWord = "yankee"} z {$ThisWord = "zulu"} 1 {$ThisWord = "one"} 2 {$ThisWord = "two"} 3 {$ThisWord = "three"} 4 {$ThisWord = "four"} 5 {$ThisWord = "five"} 6 {$ThisWord = "six"} 7 {$ThisWord = "seven"} 8 {$ThisWord = "eight"} 9 {$ThisWord = "nine"} 0 {$ThisWord = "zero"} ! {$ThisWord = "exclamation"} $ {$ThisWord = "dollar"} % {$ThisWord = "percent"} ^ {$ThisWord = "carat"} - {$ThisWord = "hyphen"} _ {$ThisWord = "underscore"} : {$ThisWord = "colon"} `; {$ThisWord = "semicolon"} `{ {$ThisWord = "left-brace"} `} {$ThisWord = "right-brace"} `/ {$ThisWord = "backslash"} `< {$ThisWord = "less-than"} `> {$ThisWord = "greater-than"} `# {$ThisWord = "pound"} `& {$ThisWord = "ampersand"} `@ {$ThisWord = "at"} `] {$ThisWord = "right-bracket"} `~ {$ThisWord = "tilde"} default {$ThisWord = "space"} } if ($ThisLetter -cmatch $ThisLetter.ToUpper()){ $ThisWord = $ThisWord.ToUpper() } $phonetic = $phonetic+" " +$ThisWord } $phonetic = $phonetic.trim() Write-Output "Phonetic: $phonetic" "Password: $password`nPhonetic: $phonetic" | clip Write-Output "`n`nThis information has been sent to the clipboard" } END{ Remove-Variable ThisWord Remove-Variable ThisLetter Remove-Variable Password Remove-Variable Phonetic Remove-Variable Pw } } # end function New-Password

Now, stick that function in your PowerShell profile. Each time you need a new password, use

New-Password -Length [number]

such as

New-Password -Length 12

And you now have a password to use.

12 character password

You can also specify -ExcludeSymbols to return only an alphanumeric password, bypassing the added complexity of using non-alphanumeric symbols.

New-Password -Length 12 -ExcludeSymbols


12 character alphanumeric password

Donations

I’ve never been one to really solicit donations for my work. My offerings are created because *I* need to solve a problem, and once I do, it makes sense to offer the results of my work to the public. I mean, let’s face it: I can’t be the only one with that particular issue, right? Quite often, to my surprise, I’m asked why I don’t have a “donate” button so people can donate a few bucks. I’ve never really put much thought into it. But those inquiries are coming more often now, so I’m yielding to them. If you’d like to donate, you can send a few bucks via PayPal at https://www.paypal.me/PatRichard. Money collected from that will go to the costs of my website (hosting and domain names), as well as to my home lab.

  1. JPL
    December 31st, 2011 at 21:39 | #1

    It’s a nice function to have on hand. I notice it won’t repeat the same character twice. Can you confirm my finding and how would you address it if we want to allow some repeating character in a password.

    • Pat Richard
      December 31st, 2011 at 22:46 | #2

      I hadn’t noticed the non-repeating characters. I’ll take a look.

  1. December 30th, 2014 at 01:07 | #1